hi,

At 16:53 11.01.2002 +1100, John Georges wrote:
>We have an interesting scenario we need to overcome. Consider the following:
>
>NET1-----FWA---(internet)---FWB------NET2
>
>NET1/FWA and NET2/FWB are owned and managed by different companies, so
>there is no management interaction between them.
>
>People connected to NET1 will be making outbound connections to NET2.

So as I understand it, you only want to allow connections from NET1 to NET2,
no connections from NET2 to NET1?

>We want to establish a VPN connection between FWA and FWB which is simple
>enough, however people on NET1 will also be required to authenticate and
>encrypt to FWA for traffic going to NET2.
>
>This results in two almost identical rules on FWA:
>
>1. NET1 ---> NET2   Any   Client Encrypt

If you want to use SecuRemote to connect to NET2 and authenticate
your users on FW-B, you should implement this rule on FWB. In that case you
don't need the second rule; just configure SecuRemote to connect to NET2
through FWB on every client in NET1 and it works!

>2. NET1 ---> NET2   Any   Encrypt

Maybe you want to use "User Auth" instead of "Client Encrypt"?


cheers

-reinhard


--
Reinhard Stich,   ASSIST    [EMAIL PROTECTED]
Internet Security AG, 1190 Wien, Nussdorfer Laende 29-33
Tel: +43 1 370 94 40  RS784-RIPE Fax: +43 1 370 94 40-10
