Ahem,
Well seeing as I've managed to answer my own question by actually paying
attention to what I'm reading. I'll retract this one and concentrate more on
why I can't seem to get the encrypted authentication traffic through my
Firewall.
Cheers,
SteveR
>
> Hi all,
>
> I have a question regarding how SecurRemotes encryption
> works, I have this
> from phoneboy.com:
> SecuRemote allows "encrypted" access between a Win9x/NT machine and a
> FireWall-1 firewall. SecuRemote uses one of three methods to
> exchange keys
> and encrypt data, depending on what you choose:
> FWZ without encapsulation: Uses FWZ1 or DES to encrypt the
> packets. Only the
> data portion of the packet is encrypted. The IP headers are
> left alone.
> FWZ with encapsulation: Same as above, except packets are
> encapsulated in IP
> Protocol 94 packets.
> ISAKMP (available with FireWall-1 4.0 and later): Allows for
> DES or 3DES to
> be used to encrypt the packets. Packets are encapsulated in
> packets of IP
> Protocol 50 and 51 (i.e. those used for IPSEC)
>
> With regards to the encapsulation options, If I'm using FWZ without
> encapsulation, does this mean the traffic is not being sent
> via protocol 94?
> and is simply encrypting the traffic and sending it via the
> applications own
> ports?
> The reason being is I have a firewall which wont pass protcol
> 50 or 94, but
> I want to run a SecurRemote client from behind it.
>
> SteveR
>
>
>
>
> ==============================================================
> ==================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
