"You might want to drop your topology update interval from the default to 1
hour. That will assure changes like these get pushed to the clients at their
next logon. The userc.C file is only 1K or so, so there is no bandwidth
issue.
even less would work as the added overhead for this is so little that it
doesn't count."
Seems to me it does it at half of whatever you set and keeps trying if that
one fails so it makes sure it's done by the interval you set.
Ray
From: sin <[EMAIL PROTECTED]>
Reply-To: Mailing list for discussion of Firewall-1
<[email protected]>
To: [email protected]
Subject: Re: [FW-1] Visitor mode -help
Date: Sat, 11 Aug 2007 19:34:10 +0300
Ray wrote:
"you don't need to add any rules on the gw to permit 443 traffic towards
it. it's being done automatically by the implied rules when you enable
visitor mode."
I didn't follow the entire thread because it was so long, so I missed the
versions in use. With R55 you had to create an explicit access rule. I was
told that enabling Visitor Mode on R60 created an implied rule. I have R61
and there is no implied rule. I had to create one. Your mileage may vary.
:-)
tried that on R60 HFA_02 or HFA_04 (do not remember which one was) and on
R65 and I did not have to add any rule to allow 443 on my enforcement
module.
Visitor Mode works really well. It's one of the biggest advantages of
using SecureClient instead of SecuRemote. It fixed connectivity issues at
hotels, behind crummy home routers, etc. Our execs would be sitting side
by side with a business partner using Cisco and the business partner could
not get connected and would be on the cell phone to their help desk but
Visitor Mode always worked.
:))
You might want to drop your topology update interval from the default to 1
hour. That will assure changes like these get pushed to the clients at
their next logon. The userc.C file is only 1K or so, so there is no
bandwidth issue.
even less would work as the added overhead for this is so little that it
doesn't count.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
_________________________________________________________________
A new home for Mom, no cleanup required. All starts here.
http://www.reallivemoms.com?ocid=TXT_TAGHM&loc=us
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
