Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] AW: [FW-1] Split / Encrypted DNS (SecuRemote)

To: [email protected]
Subject: Re: [FW-1] AW: [FW-1] Split / Encrypted DNS (SecuRemote)
From: Jesus Calvo Hernandez <[email protected]>
Date: Mon, 3 Dec 2001 14:10:13 +0100
In-reply-to: <E29FD39315B3D311940900A0C9E5B3010CF191@NT-SERVER-009>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hi all

Finally I got it working:

I added the line to the file dnsinfo.C on my management station and the one
on the crypt.def on the gateway (I´ve got a distributed environment)

I added the lines on the userc.c on the securemote machine (but when
reloading the securemote it complained about the database being corrupted
so it reverted to the original configuration, my version is 4199 so I
suppose it does not apply here, in fact it is of no use).

And put on the dns configuration of the ppp adapter my internal dns as
primary and one isp external dns as secondary;

after that updated the site and everything worked; updating again it keeps
working

I´m using IKE and force udp encapsulation on IKE checked.

My firewall is version 4.1

regards

Jesus Calvo

At 11:24 03/12/2001 +0100, you wrote:

Hello Max,
we're still back at 4.0. So it might well be a
different story with NG and the document
http://support.checkpoint.com/kb/docs/public/securemote/4_0/pdf/sr-dns.pdf
might not apply.

Andy

> -----Ursprüngliche Nachricht-----
> Von: [email protected] [mailto:[email protected]]
> Gesendet am: Sonntag, 2. Dezember 2001 17:16
> An: [email protected]
> Betreff: Re: [FW-1] Split / Encrypted DNS (SecuRemote)
>
> Hello ReischleA,
> What version of Fw-1 do you use?
>
> Split DNS have a huge number of problems on NG (probably some has
> been solved on FP1).
>
> Best Regards,
>      MaX
>
> Saturday, December 01, 2001, 1:58:25 PM, you wrote:
>
> RAOD> Should be ok if you follow the instructions and
> RAOD> change it on the FW-1 as well. It works fine here.
>
> RAOD> Regards,
> RAOD> Andy
>
> >> -----Original Message-----
> >> From: Jesus Calvo Hernandez [mailto:[email protected]]
> >> Sent: Saturday, December 01, 2001 12:44 PM
> >> To: [email protected]
> >> Subject: Re: [FW-1] Split / Encrypted DNS (SecuRemote)
> >>
> >>
> >> Hi
> >>
> >> just one question:
> >>
> >> what happens when you update the site?
> >>
> >> As far as I know these two lines are lost as the userc.C is
> >> overwriten,
> >> so you are in the beginning again
> >>
> >> thanks to all  and regards
> >>
> >>
> >>
> >> ----- Original Message -----
> >> From: Chris H <[email protected]>
> >> Date: Friday, November 30, 2001 5:31 pm
> >> Subject: Re: [FW-1] Split / Encrypted DNS (SecuRemote)
> >>
> >> > Yes
> >> > Did you add the :dns_xlate (true)
> >> >                :dns_encrypt (true)
> >> >
> >> > to your userc.C file?
> >> >
> >> > --- "Johnson, Doug (ISS Atlanta)" <[email protected]>
> >> > wrote:
> >> > > I'm working on setting up Encrypted DNS for
> >> > > SecuRemote in preparation for
> >> > > setting up Split DNS.  However, I haven't had any
> >> > > success so far.  I don't
> >> > > see any domain-udp decryptions showing up in my log
> >> > > viewer, so I'm guessing
> >> > > there is a problem with the encryption (or lack
> >> > > thereof) on the client side.
> >> > >
> >> > > Has anyone else had any success?
> >> > >
> >> > > Doug Johnson
> >> > > Internet Security Systems
> >> > > Sr. Network Engineer
> >> > > <mailto:[email protected]>
> >> > > <" target="l">http://www.iss.net/>
> >> > >
> >> > > ===============================================
> >> > > To unsubscribe from this mailing list,
> >> > > please see the instructions at
> >> > > http://www.checkpoint.com/services/mailing.html
> >> > > ===============================================
> >> >
> >> >
> >> > __________________________________________________
> >> > Do You Yahoo!?
> >> > Yahoo! GeoCities - quick and easy web site hosting, just
> >> $8.95/month.
> >> > http://geocities.yahoo.com/ps/info1
> >> >
> >> > ===============================================
> >> > To unsubscribe from this mailing list,
> >> > please see the instructions at
> >> > http://www.checkpoint.com/services/mailing.html
> >> > ===============================================
> >> >
> >>
> >> ------------------------------------------------------------------
> >> This email is confidential and intended solely for the use of
> >> the individual to whom it is addressed. Any views or opinions
> >> presented are solely those of the author and do not
> >> necessarily represent those of SchlumbergerSema.
> >> If you are not the intended recipient, be advised that you
> >> have received this email in error and that any use,
> >> dissemination, forwarding, printing, or copying of this email
> >> is strictly prohibited.
> >> ------------------------------------------------------------------
> >>
> >> ===============================================
> >> To unsubscribe from this mailing list,
> >> please see the instructions at
> >> http://www.checkpoint.com/services/mailing.html
> >> ===============================================
> >>
>
> RAOD> ===============================================
> RAOD> To unsubscribe from this mailing list,
> RAOD> please see the instructions at
> RAOD> http://www.checkpoint.com/services/mailing.html
> RAOD> ===============================================
>
>
>
> --
> Best regards,
>  MaXsecurity
mailto:[email protected]

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================


Jesus Calvo
SchlumbergerSema Spain
Albarracin 25
28037-Madrid

------------------------------------------------------------------
This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author and do not necessarily represent those of SchlumbergerSema.
If you are not the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited.
------------------------------------------------------------------

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

References:
- [FW-1] AW: [FW-1] Split / Encrypted DNS (SecuRemote)
  - From: [email protected]

Prev by Date: [FW-1] anyone using webmanager ?
Next by Date: [FW-1] DNS Stop Running caused by FW Checkpoint NG
Previous by thread: [FW-1] AW: [FW-1] Split / Encrypted DNS (SecuRemote)
Next by thread: Re: [FW-1] AW: [FW-1] Split / Encrypted DNS (SecuRemote)
Index(es):
- Date
- Thread