Hello all,
Let me preface this note by saying that I'm no expert on FW1. Last October
we upgraded from 4.0 to 4.1, and kept our VPN encryption scheme at FWZ
following the recommendation of the firm providing us with firewall support.
Since that time we have been steadily rolling out vpn connections to users.
As more and more users are aware of the ability to connect via vpn we are
running into a large number of users who connect through a NAT box of some
sort (linksys,netgear etc). To enable this ability I followed the
instructions on the Phoneboy FAQ "SecuRemote Client and NAT".
One recommendation is to add ":force_udp_encapsulation (true)" to the
userc.c on the remote pc. This is where my questions rest:
1) can a change be made to the firewall to force this setting to
come across on a site update?
2) is there any harm in setting this flag on a user who has a direct
cable/dsl connection with personal firewall?
Any advice that you can provide me with would be greatly appreciated.
Malcolm McDuff
OSHR
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
