With
x, the client-server concept is reversed.The securemote client becomes the X
server. So, the server behind your firewall is INITIATING connection to
securemote client. To allow this, create a rule as follow : source "your X
clients (servers)" destination "any" service: create a new service
(services, create new, other) and in match, add this line
"tcp,dport>=6000,dport<=6063,<dst,0> in userc_rules" and action
accept . Put that rule after your client encrypt rules.
This
will allow the firewall to encrypt the packets back to securemote connections.
(the in userc_rules verifies that the destination has a securemote connection
open with the firewall)
Patrick Desnoyers
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Aylstock, Jeffrey
Sent: Tuesday, March 27, 2001 7:17 PM
To: 'Firewall Distribution List'
Subject: [FW1] Xwindows through VPNWere having a slight problem opening x windows through our VPN solution. We've set up a Nokia IP650 Firewall and are using Securemote to authenticate into the firewall. Once in all telnet ablilities are there but when trying to bring up a window it will just timeout trying to send the information to the client. My personal guess is that the Port defined for xwindows is locked out but i cant seem to trace the problem. Anyone have this problem and a possible solution?
Thanks,
Jeff Aylstock
Western Integrated Networks.
