When your securemote user autenticate themselves, they will be put in userc_rules hash. So to allow X11 trafic from remote machine to Securemote PC.
Define your own Service (User Defined Servies), go to
Service Name: srMYX11 (may be anything)
Match: tcp,dport=6000,<dst,0> in userc_rules
(This says, match packet, going to some destination at port 6000, provided that destination is already present in userc_rules)
Then define rule as:
Your-X-Client -> Any -> srMYX11 -> accept ->Log
(Note: here you are not defining Encrypt, FW-1 will automatically encrypt this traffic for you since it knows if you are sending traffic to active securemote client.)
Ofcourse above rule will not work for random machines on internet, unless they authenticate through Securemote.
Good Luck!
Rajeev
Schreder Roland wrote:
Hello!I dont't know, wheather this problem is known yet or not!
We are working with Secu Remote and Firewall 1 and all
works fine. The only problem is that when a want to open a X11
connection it seems to be the server who opens this connection back
to the client and this is blocked from the firewall.
Is there a workaround for this problem e.g. a better definition
for the X11 service?Regards
Roland Schreder================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
-- ******************************************************************** Rajeev Kumar ([EMAIL PROTECTED]) http://www.rajeevnet.com ********************************************************************
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
