[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Sending FW-I GUI Client traffic through a SecureClient VPN
If you're management console has an SSH server installed, consider doing this: http://www.sudoers.com/people/cmarnold/projects/ssh/index.html Chris --- Tim Jones <[email protected]> Sent by: Mailing list for discussion To: [email protected] Subject: [FW-1] Sending FW-I GUI Client traffic through a SecureClient VPN Hello. I'm having two issues with FW-I 4.1, SecureClient, and the FW-I GUI client that I'm hoping someone can help me with. Here they are: 1) Our VPN encryption domain is 192.168.0.0/16. One of the management station's interfaces uses an IP in this range; however, when trying to connect to that IP with the GUI client while connected to the VPN, it doesn't work. It seems that the traffic doesn't try to go through the VPN despite the fact that the destination address is in the encryption domain. When pinging the IP, however, the traffic does indeed go through the VPN, and the ping is successful. I ran across this link: http://support.checkpoint.com/public/publisher.asp?id=faf384f6-d59e-11d4 -a57a24&resource &number=4&isExternal=0. It only deals with NG, however -- the crypt.def entry that it references isn't present on our management station. So, is there any way to tell GUI client traffic to go though the VPN with version 4.1? 2) Our management station also has an external, routeable IP address. For whatever reason, it's possible for me to connect to the GUI client via this IP address while connected to the VPN using an "Encryption Only" policy. This external IP isn't in the encryption domain, however, and nothing else outside the encryption domain is accessible in this manner. Does anyone know why this is the case, and, how to prevent it? All help is appreciated. Thanks! __________________________________________________ Do You Yahoo!? Send your FREE holiday greetings online! http://greetings.yahoo.com =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =============================================== =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =============================================== ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|