Because that's the way the vpn works. It creates a virtual tunnel from his private network to yours. Create a rule allowing authentication from his public IP, then another rule allowing desired traffic from his private network to yours.
Hal Hal Dorsman Network Administrator Rocky Mountain Elk Foundation Missoula, Montana USA [EMAIL PROTECTED] (406)523-4576 > -----Original Message----- > From: RBHATIA [mailto:[EMAIL PROTECTED]] > Sent: Friday, January 03, 2003 11:33 AM > To: [EMAIL PROTECTED] > Subject: [FW-1] Question about Securemote client configuration > > > I'm running VPN-1 on my firewall - I would like to restrict a > particular VPN > user to a specific source IP. The user is on a DSL connection using a > private addressing scheme - 10.10.10.x /24 while our private > addressing > scheme is 10.0.0.x /24. > I created a rule that would allow the user access from the > source (public) > IP that his ISP gives him when he connects to the Internet (let's say > 24.1.1.1) e.g. Source: [EMAIL PROTECTED] - Dest: Myserver - Service: Any - > Client Encrypt > When the user authenticates with Securemote, it all goes > through fine. The > problem occurs when the user tries to connect to the server - > the source IP > I see in the log is his private IP address rather than his > public IP and > therefore the packet gets dropped. Why is it that I can see > his private IP > instead of his public IP ? And how do I tweak my rule so > that the user's > VPN account is bound to his source IP ? SHould I be using his > private IP as > the Source IP ? > ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
