I'm trolling for help!
I cannot get an encrypted session going between SecuRemote 4.1 and FW-1 4.1.
I can download the topology, get the auth and key exchange ... and nothing
else. No log entries either, just an eventual time out. I have tried both
FWZ and IKE. Here is the setup:
SR Client (via cable modem) ------>Internet-------->Firewall-1-------->HTTP
and FTP Servers on a rfc-1918 192.168.0.0 network
The internal network object is using hide mode NAT.
The two server objects are using static mode NAT.
**EVERYTHING WORKS FINE WITHOUT SECUREMOTE***
The Firewall is set for exportable
The encryption domain is set to "other" and references a group that
includes the internal bogus network plus two network objects for the HTTP
and FTP servers ( with their valid addresses )
The encryption and authentication types are defined
The properties for each scheme are defined
The users and group are defined
I have a rule at the top that goes : remote_users@any crypto-domain
http/ftp client-encrypt long
The SecuRemote client has the site defined ( the network for the external
interface of the fw and the static NAT objects)
NOTHING!!!
I have enabled encapsulation for the FWZ side and have played with the IP
pool NAT, but no luck.
Can anyone PLEASE help?
Thanks
Dave
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
