Hello
Could someone enlighten me. Is there any reason for the fw1 server to be in
the encryption domain? I inherited a VPN network and I noticed on our 4 VPN
tunnels 2 of the tunnels included the fw1 servers and two do not, they all
seem to work fine. I would like to make them consistent. I read on
phoneboy that you needed to include them in the encryption domain if they
were being used to hide an address. We are hiding our proxy servers, but
these are for internal only, so I don't see why it would matter if the FW1
server were in the encryption domain.
We do have one internal firewall sitting behind another firewall, this
internal firewall logs back through the external firewall to another
external management server/firewall (does that make sense? It was a bugger
to get it to log right)
FW1internal --> FW1external -->VPN/Internet -->FW1external/management
Would I need to include the fw1 server in the encryption domain in that
configuration?
Any advice would be appreciated.
Thanks
Scott
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
