[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] VPN-1 SecuRemote Question
Hello all, Currently wrestling to understand what is going on. I am running NT SP6a, with FW-1/VPN-1 4.1 SP2, and SecuRemote 4165 Everything is working correctly except browsing through netowrk neighborhood, which I have info on how to set up so I am not worried. But what I notice is with this setup the following happens: Policy Server on firewall, using IKE, 3DES, FW password for now. Gateway rules Inbound Rule 1: SecuRemote@Any firewall-encdomain Any Client Encrypt Long Gateways To get ping to work I have to add the following rule (I don't want ping originating from the encdomain, just responding for test): Rule 30: encdomain Any echo-reply Accept Long Gateways When I ping from my SecuRemote client I get replies as expected, and see the following in the log: decrypt "" Source Destination icmp 1 blah,blah,blah Accept "" Source Destination icmp 30 blah,blah,blah encrypt "" Destination Source icmp 2 blah,blah,blah Well rule 2 is for my webtrends LEA connection to the Firewall. Is the encrypt rule automatically rule 2? No matter, it does work so I assume it is. When I map a drive, or dir the mapped drive from the secuRemote client, I see the following: decrypt nbsession Source Destination tcp 1 blah,blah,blah But that's all I see. How is the response getting through? Is the response encrypted? Why do I need the echo-reply rule, but no rule for NBT services? thanks in advance! PDB ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|