You will need to install a SecuRemote license on the FW enforcement point.
They are freely available from your reseller.
Chris
-----Original Message-----
From: Indranie Sanichar
To: [EMAIL PROTECTED]
Sent: 9/5/01 1:29 PM
Subject: [FW1] FW-1 4.1 cannot access internal net
Hello!
I just upgrade to FW-1 4.1 and now I cannot access my internal network
when
I dial-in using securID (Ace Server).
I following the instructions and upgrade the FW-1 4.1. I did not change
any
of the rules after the upgrade.
The Firewall server has FW-1 and VPN-1. Windows NT 4.0 sp 6a. ACE/Server
for
Windows NT V3.3.15 [259]
When I connect using SecurID, I should be able to access the internal
mail
server and unix box.
Policy Rules:
Source:
SecurIDUsers@any
Destination:
MailServer
UnixSystem
Service:
telnet, pop-3, smtp, icmp-proto, echo-reply, echo-request
Action:
Client Encrypt
I can authentication when I dial-in. So, I'm assuming the ACE setting is
correct. However, once i'm in, I cannot get to the mail server or the
unix
system. I can ping the internal network! I can go out to the Internet.
My VPN connections works ok.
I don't understand why my SecurId users cannot get access to their
destination. This works perfectly before the upgrade. Do I need to
install
SecurRemote on the Firewall machine? I never did before!
Can someone please point me in the right direction on how to resolve
this
issue?
Thanks in advance!
========================================================================
========
To unsubscribe from this mailing list, please see the instructions
at
http://www.checkpoint.com/services/mailing.html
========================================================================
========
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
