I have the same router and have had some success getting it to run with SR
4.1 going to a FW-1 ver 4.0 on Solaris. I am using ISAKMP. I made all the
changes mentioned on phoneboy's site related to SR and NAT (changed the
objects.C file on the Management Station and restart FW). Then I updated the
Linksys router to version 1.22, and there is also a code update from Linksys
to this (Thanks to Scott Swenka for making me aware of this). I think it is
still in beta so you may have to contact Linksys (or e-mail me off the
list). This was suppose to fix VPN problems related to IPSEC. I did not use
the DMZ host feature, nor did I have to redirect ports to the IP address of
the SR client.
Finally I had an issue with IP addresses. The linksys router was assigning
my box an IP address from a non-routable subnet that also existed inside my
Encryption domain, duh. Once I changed the address range for DHCP on the
router SR sort of works.
I have two encryption domains behind two different firewalls, both run by
the same Management server. SR works with one and not the other. If I remove
the linksys router SR works just fine with both. Time to break out the
network sniffer. If anyone has any clues on this one, please let me know.
Hope this helps,
Bryan
-----Original Message-----
From: Tige Richardson [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 06, 2000 11:22 AM
To: [EMAIL PROTECTED]
Subject: Re: [FW1] Secure Remote and Cable Modem Router (Linksys
BEFSR41)
I posted a very similar message here a few months ago. I have an employee
that
was attempting to get SecuRemote working behind a Linksys router using the
DMZ
host feature. Nothing we did worked. Emails to Linksys hit the bit bucket.
>From all appearances the encryption process is not supported by the Linksys
router. I have forgotten many of the details, but IIRC we did a TCP dump on
one
end and a snoop on the other and it looked like the checksum did not match,
meaning the Linksys router recalculated it before sending it on? Not sure,
but
after taking it out of the LAN configuration his SecuRemote worked fine.
I received quite a few emails from other netadmins after posting my question
and
they all had very similar experiences with the Linksys router (i.e. none of
them
could get SecuRemote to work behind it).
tige
> I am trying to get my company laptop to connect to my corporate Intranet
and
> I'm having some problem with the Secure Remote client working through my
> Linksys Router. I've checked at phoneboy.com for any suggestions, but I
must
> not have found the exact situation, since I can configure the laptop to be
a
> DMZ host, I'm confused and I think I've run into a routing problem. I've
> tried dialing with a modem, (Secure Remote was installed on all adapters)
> and when using a modem, everything works fine. So what am I doing wrong on
> the cable modem setup?
<snip>
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
