I am attempting to configure UDP encapsulation for SecuRemote as specified
in the PhoneBoy FAQ, to try and get a vendor VPN connection working from
within their network and am experiencing a problem that I hope someone here
can help with.
After modifying objects.C as specified in the document, and sending a new
userc.c file to the vendor, when he connects to our network, I see the
successful authentication, and am initial Decrypt packet for the connection
he is attempting , however he is still unable to connect to the internal
resource on our network.
When I look in the Firewall logs I see the following packet
Action: Drop
Service: VPN1_IPSEC_encapsulation
Source: my firewall's internal Interface
Destination: Vendor's Internet address
Protocol: UDP
Rule: 0
Info: reason: local interface address spoofing
I have tested the VPN connection from an ADSL router connected directly to
the Internet and did not experience any VPN problems. I do not have any
anti-spoofing rules enabled on any of the Firewall's Interfaces, (All
interfaces allow ANY addresses.)
Any ideas on why this may be happening, and what if anything I may be able
to do to correct this.
I am running FW1 4.1-SP4 on WinNT 4.0 sp 6a
Thanks
Shawn
======================================
Shawn Kearley
Infrastructure Analyst
Newfoundland Power Co. Ltd.
Phone: (709) 737-5724
Fax: (709) 737-5832
Email: [EMAIL PROTECTED]
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
