Re: [FW1] SecuRemote timeout

Thu, 18 May 2000 07:57:08 -0700 


I know that securemote keeps the password in memory and many times will
respond to the firewall without you having to reinput the password.  I have
this happen all the time when I am authenicated through the firewall and
a rule load is done.  Without securemote I have to re-authenicate.  With 
securemote I don't.

Dan Lundien, CCNA, CCSE
Sr. Systems administrator
AppNet, Inc


> From [EMAIL PROTECTED] Wed May 17 20:26 EDT 2000
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: Re: [FW1] SecuRemote timeout
> Date: Thu, 18 May 2000 10:01:14 +1000
> X-Priority: 3 (Normal)
> X-MIMETrack: Serialize by Router on MELPROD01/NEMMCO(Release 5.0.1b (Intl)|30 
>September
>  1999) at 05/18/2000 10:01:23 AM,
>       Serialize complete at 05/18/2000 10:01:23 AM
> MIME-Version: 1.0
> 
> Thanks for the response,
> 
> but the problem is that  they definitely are getting a different IP 
> address on the second dial up session.
> I have verified this myself using ipconfig on the laptop and by looking at 
> the FW log 
> 
> WM
> 
> 
> 
> 
> 
> "Dameon D. Welch-Abernathy" <[EMAIL PROTECTED]>
> Sent by: [EMAIL PROTECTED]
> 18/05/2000 01:31 AM
> Please respond to dwelch
> 
>  
>         To:     [EMAIL PROTECTED]
>         cc:     [EMAIL PROTECTED]
>         Subject:        Re: [FW1] SecuRemote timeout
> 
> 
> On Wed, May 17, 2000 at 07:02:58PM +1000, [EMAIL PROTECTED] 
> wrote:
>  
> >  After the establishment of a  successful SecuRemote session ( requiring 
> 
> > the use of SecureID as authentication), a laptop user closes their 
> Dialup 
> > ISP session.
> > A few minutes later, the user re-dials the ISP,  ( gains a different IP 
> > address), and the SecuRemote VPN session is re-established, without a 
> > SecureID authentication request.
> 
> If the user dials up and gets a different IP address, they will be forced
> to re-authenticate by default. It sounds like your user is getting the
> same IP address when he dials up. In this case, the answer is no.
> 
> -- 
> Dameon D. Welch-Abernathy                            a.k.a. PhoneBoy
> [EMAIL PROTECTED]                          http://www.phoneboy.com
> The views expressed herein are not necessarily those of anyone else.
> 
> 
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================
> 
> 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to