[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] VPN-1 SP2 & SecuRemote Version 4115
Is this via Securemote or internal access going through the firewall? Have you utilized the split dns document at www.checkpoint.com/~joe ? If you are speaking about getting from your internal site (10.x.x.x or equivalent) and lets say you have a web server on your external side thats 200.200.200.200 which is also natted to 10.1.1.2 If you use NetBIOS resolution, you get to the server with an internal IP address. If you try to get to the actual host, www.yourserver.com which is located at 200.200.200.200, there will be a problem. This is because the firewall always assumes it is between a host and a end server). It has to do with routing and NAT. The short answer is that you should have an internal dns for your internal hosts, and an external dns to resolve outside. Hopefully you don't currently have wins being dumped into dns, and external users can resolve EVERY host. Phoneboy has a write-up on this: Write back if you have any issues. -----Original Message----- From: Bob Bisignani [mailto:[email protected]] Sent: Thursday, September 28, 2000 12:06 PM To: [email protected]; [email protected] Subject: RE: [FW1] VPN-1 SP2 & SecuRemote Version 4115 Thomas, We had problems with DNS not working, e.g., I could get to a web server (Intranet site) if I used the netbios name (wins may have been working) but not when using the CNAME (DNS name). Thanks for your help and response. Bob >From: [email protected] >To: [email protected] >Subject: RE: [FW1] VPN-1 SP2 & SecuRemote Version 4115 >Date: Thu, 28 Sep 2000 08:51:26 -0400 > >I've found that even 4005 with fwz is ok. I;ve seen more issues with IKE. > >Thomas > >-----Original Message----- >From: Bob Bisignani [mailto:[email protected]] >Sent: Wednesday, September 27, 2000 10:21 PM >To: [email protected] >Subject: [FW1] VPN-1 SP2 & SecuRemote Version 4115 > > > > Has anyone upgraded to version 4.1 SP2 on VPN-1 while still using the >old client 4115 using FWZ? > > Thanks > >Bob >_________________________________________________________________________ >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > >Share information about yourself, create your own public profile at >http://profiles.msn.com. > > > >=========================================================================== = >==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html >=========================================================================== = >==== _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. begin 600 FireWall-1 FAQ- Can't Talk to Translated IP from Internal Net.url M6TEN=&5R;F5T4VAO<G1C=71=#0I54DP]:'1T<#HO+W=W=RYP:&]N96)O>2YC M;VTO9G<Q+V9A<2\P,3<Y+FAT;6P-"DUO9&EF:65D/3DP-D9$0S9#-C<R.4,P &,#$Y.`T* ` end ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|