Ok... I must be missing something really really stupid....been poring over the Check Point PDFs and phoneboy.. no luck...
NT 4 - FW-1 v 4.1 SP2 SecureRemote - same version from the same CD
Using SecureRemote with IKE Preshared Secrets - Setup goes fine - Site Creation is fine...
Two scenarios.. first one works, the second one doesn't
Can someone explain what else I need to make the 2nd work, give me some ideas to try? (I'm all out at this point)
(I also have, above the rules below, an Any to Firewall IKE and RDP accept rule)
Thanks in advance for the help!
Jason
FIRST: (working)
I have the following (applicable) rules:
Any WebServer HTTP Accept
pc1 enc_domain Any Accept
enc_domain Any Any Accept
I start SecureRemote on the Client and everything works great... HTTP handled by the first rule.. things like FTP and PCAnywhere by the 2nd
Logs: I see The phase 1 key install and then phase 2 in both directions....then a bunch of decryption when things are working...
(It's annoying that pings don't make it intact.. but I remember reading something about that...I'll try to dig it up again)
SECOND: (broken)
I change the 2nd rule to:
User@any enc_domain Any Client Encrypt
I start SecureRemote on the client and HTTP still works fine... but FTP and PCAnywhere and anything else through the changed rule no longer function.
Logs: I see the Phase 1 Key Install..and a Phase 2 from the PC1 to the Firewall... but NEVER see Phase 2 back the other way (from the Firewall to PC1, the client)
