Pradeepa G <[EMAIL PROTECTED]> wrote: >hi, > >dunno much abt VPN.... but you will need to enable " accept VPN-1 FW-1 >control connections" so that the mgmt server can talk to the firewall >modules.
As I have written, the handish rulebase almost matches to all implied rules despite RDP. > >If you want to disable theabove property because of RDS, then you may >need to explicitly add a rule allowing the mgmt server to talk to the fw >modules. > >rgds, >Pradeepa > >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] >Sent: Wednesday, December 12, 2001 3:12 PM >To: [EMAIL PROTECTED] >Subject: [FW-1] VPN setup problems > > >Hi, > >I am running SBFC2.0.35sp5, checkpoint 4.1sp5-rdp-hotfix on a solaris >box. Now I have setup a securemote VPN. However this only works as long >as "Accept VPN-1 FW-1 Control Connections" in the properties tab is >enabled. Anybody running a VPN without that setup successfully? When the >box is unchecked the node itself not the cluster IP replies to IKE >request, so reply packets are dropped by the firewall as those are not >in the state table. > >I've built me rulebase according to the implied rules which I really >want to enable and there aren't any drops/rejects in the logviewer >either. > >I don't want to enable above property as RDP is enabled by default and >this protocol has had quite a few errors in the past. > >Any help/ hint/ comment is really appreciated. > >Regards, >Egonle > >-- > > > > >__________________________________________________________________ >Your favorite stores, helpful shopping tools and great gift ideas. >Experience the convenience of buying online with Shop@Netscape! >http://shopnow.netscape.com/ > >Get your own FREE, personal Netscape Mail account today at >http://webmail.netscape.com/ > >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >To set vacation, Out Of Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >If you have any questions on how to change your >subscription options, email Ron Alcatraz at: >[EMAIL PROTECTED] >================================================= > >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >To set vacation, Out Of Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >If you have any questions on how to change your >subscription options, email Ron Alcatraz at: >[EMAIL PROTECTED] >================================================= > -- __________________________________________________________________ Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [EMAIL PROTECTED] =================================================
