On Fri, 2 Jun 2000, Roy Hills wrote:
> However, I have an immediate requirement for SecuRemote access via
> the Firewall-1 system. This works fine for the few systems that have their
> default route set to be the Firewall-1 system, but doesn't work at all for
> the vast majority of systems which have their default route set to the old
> Firewall because the return packets don't get encrypted (one of the rules
> for SecuRemote is that the packets pass through the same gateway in
> both directions).
FW 4.1 SP1 will do Nat pools for SR :-) Create a range object containing
internal address. Policy -> Properties -> IP Pool NAT, check off "enable
ip pool nat for SR" Then go edit your firewall object acting as the vpc
gateway -> NAT Tab, you then specify the nat pool for use.
-Nick
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
