Thank you for your time and help. I will give it ago.
On 3/28/07, Ray <[EMAIL PROTECTED]> wrote:
I can't remember where it is right now in the global properties, but you need to make sure it's set to rematch the connections on policy install. If it's not keeping or rematching, you'll get dropped. Keeping is a bad option. If an existing connection is now disallowed by the new security policy, the connection will remain active until it ends itself. Ray >From: Christopher McGill <[EMAIL PROTECTED]> >Reply-To: Mailing list for discussion of Firewall-1 ><[email protected]> >To: [email protected] >Subject: [FW-1] URGENT - SecureClient Issue >Date: Tue, 27 Mar 2007 10:59:53 +0100 > >Hi, > > I have setup a SecureClient RemoteAccess VPN to a customer's >SMARTCenter/Enforcement Module (Stand-Alone Deployment), I am >authenticating >myself with LDAP. I am getting authenticated fine, able to ping a host in >the VPN Domain. I am trying to manage the enfrocement module, I can >connect >with SMARTDashboard fine, but when I try to install the policy I am getting >disconnected. I have even tried install the current policy with no >changes. Here are my security policy and desktop security policy rules >relating to this: > >VPN-Users BELFAST_GW0023 Remote-AccessCommunity Any Accept > VPN_Networks_Group > > >Desktop Security Policy: > >Inbound: None > >Outbound: > > VPN-Users BELFAST_GW0023 + VPN_Networks_Group Any Encrypt > > >The rulebase was not set to any, it limited protocol inbound, I set this to >any troubleshoot. > >My understanding is this is all that should be needed, implied rules on the >desktop security policy let traffic from the client pass. And the module >is set to accept remote/checkpoint control connections. > > >Any help would be great. Thanks > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= _________________________________________________________________ Get a FREE Web site, company branded e-mail and more from Microsoft Office Live! http://clk.atdmt.com/MRT/go/mcrssaub0050001411mrt/direct/01/ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
