[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] SecRemote: No answer received ...
I have seen a similar problem when using the V4.1 client on Win 9x, dropping
back to the 4.0 client normally solves it.. (assuming that the problem
relates to attempting to configure a Secureremote client)
Alaric Turner, European WAN analyst
> -----Original Message-----
> From: Chilton Tim [SMTP:[email protected]]
> Sent: 23 January 2001 14:35
> To: 'Christoph Nagelreiter'; Secure 1 Mailing List (E-Mail)
> Subject: RE: [FW1] SecRemote: No answer received ...
>
>
> I received this from someone who preferred to (has to :->) remain
> anonymous,
> posting on their behalf.
>
> RAM upgrade will make the VPN run much better. Ask your VAR about
> CPVA-A440-256M-D; 256MB DIMM Upgrade Kit (this is the number for a 440)
> There's also a Nokia Hardware accellerator card...don't know the price
> though....
>
>
> -----Original Message-----
> From: Chilton Tim [mailto:[email protected]]
> Sent: 23 January 2001 13:36
> To: 'Christoph Nagelreiter'; Secure 1 Mailing List (E-Mail)
> Subject: RE: [FW1] SecRemote: No answer received ...
>
>
>
> Hi,
>
> Check that following :-
>
> 1. Do you have the IP address of the firewall's external interface listed
> in
> the first page of the firewall object
>
> 2. Does the IP NAT pool have a routing entry at OS level that maps it to
> the
> fw object, also does the internal network know where to route this network
> to ?
>
> 3. what does the firewall log say ?
> Look for any deauthorise type events
> Note that you need to turn this on with
> Policy, Properties, Log implied rules
> Policy, IP NAT Pool, Log address allocation and release
> On the client encrypt rule you have - select long logging.
>
> 4. If you are trying to use IKE then you can only download the topology
> from
> outside your network (ie dialed up) - whereas FWZ allows this internally
> and
> externally.
>
> 5. Ensure that you only have ONE default gateway on your firewall - this
> should be at OS level and only on the Internet facing interface, all other
> interfaces have no default gateway.
>
> You also don't need to modify the HOSTS file for the topo download,
> although
> you will want DNS/WINS to work for network browsing - this is not your
> first
> problem though.
>
> Is the rest of the FW working OK or is it only doing VPN comms ?
>
> HTH
>
> Cheers
>
> Tim
>
> -----Original Message-----
> From: Christoph Nagelreiter [mailto:[email protected]]
> Sent: 23 January 2001 09:13
> To: Secure 1 Mailing List (E-Mail)
> Subject: [FW1] SecRemote: No answer received ...
>
>
>
> Hi,
>
> After i downloaded the topology, i�m always getting the same error
> message:
>
> No answer received from a FireWall at site x
>
> Firewall configuration:
>
> FWZ encryption (--> encapsulation), IP Nat Pool (private ip), Users (FW-1
> password), encdomain(our intranet)
>
> Client configuration:
>
> encryption FWZ, it�s possible to get an update from fw-1, set password (
> but
> i don�t get a logon confirmation!)
>
>
> Do i have a routing problem?
> Where do i configure my firewall as default gateway?
> Do i have to modify the hosts-file at the client?
>
> Thank you.
>
> chris
>
<snip>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This e-mail and any attachments thereto may contain
information which is confidential and/or protected by
intellectual property rights and are intended for the
sole use of the recipient(s) named above. Any use of
the information contained herein (including, but not
limited to, total or partial reproduction, communication
or distribution in any form) or the taking of any action
in reliance on the contents, by persons other than the
designated recipient(s) is strictly prohibited.
If you have received this e-mail in error, please notify
the sender either by telephone or by e-mail and delete
the material from any computer.
Thank you for your cooperation.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================