[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Question about the whole SecuRemote/NAT Issue
That's
the funny thing. We are a 100% SP2 shop (firewalls, enterprise mgt
consoles, SR, etc.)...... I was still under the impression, that even with
SP2, a few of these changes were needed. None of it was done before I did
it.
Is it
possible that the upgrade and a fresh SP2 install yield different configs (i.e.
objects.C files)?
Any
other suggestions for trouble shooting SecuRemote problems?
Thanks!
Jarrett
I have a
quick question about a solution I have been reading in many places in
relation to the dreaded and aggravating SecuRemote and NAT issue that many
people are having. In the following Phoneboy FAQ [http://www.phoneboy.com/fw1/faq/0141.htm], it
talks about the :userc_NAT (true), :user_IKE_NAT (true), and for SecurRemote
the :force_udp_encapsulation (true) variables. These are very
straightforward. Then there is the other thing it says to
add:
:isakmp.udpencapsulation
(
:resource ( :type (refobj) :refname ("#_VPN1_IPSEC_encapsulation") ) :active (true) )
I have read in
many places that it says to add it to the "gateway section" of the
objects.C. Would this mean the firewall object itself? Or should
it go somewhere else?
Can someone
please tell me exactly where this should go?
Thanks all for
your time.
Jarrett
|