[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] SecuRemote and DNS
Thanks for all of your inputs, i have couple more questions .... If a secuRemote client is connected to my Internal network/Enc Domain using an ISP and let's assume that i configure them as a WINS client, what's the order in which name resolution will be done considering the fact that we have ISP's DNS server ( recd as part of the dialup PPP session established with the ISP) and WINS server configured on the client (being a WINS client) ...whether DNS erver will be usd or WINS server ??? As an example let's say my laptop should connect to my mail server ( let's call it as "myexchange" having an ip address of 192.168.1.1) and i have setup securemote properly and can get to the server using the IP address.If i are to use the name "myexchange" will the client apps (Outlook) will use WINS first to resolve the name??? The follow up question is, should i have to configure the WINS client with a routable IP address and NAT them to it's actual RFC 1918 address on the FW or use non-routable IP address directly. Thanks Muthu -----Original Message----- From: Fowler, Chris [mailto:[email protected]] Sent: Wednesday, January 23, 2002 11:37 AM To: [email protected] Subject: Re: [FW-1] SecuRemote and DNS If I understand your question, you want to be able to resolve host names on SecuRemote clients without a hosts file and you are running split (internal and external) DNS.. the method I am using is to configure the client with a WINS server and add static entries in the WINS server for all non-M$ (*nix) machines. this allows for centralized management of the database; unlike a hosts file which would be difficult to update. Chris Fowler -----Original Message----- From: Muthuraja Ayyanar [mailto:[email protected]] Sent: Wednesday, January 23, 2002 9:37 AM To: [email protected] Subject: [FW-1] SecuRemote and DNS Hi All , I would like to know how to make a SecuRemote client to use internal DNS server for resolving domain names of the resources inside the encryption domain and use the ISP's DNS for resolving Intername Domain names.Since the topology information SecuRemote downloads is basd on IP numbers, (application will be able to make use of the SecuRemote VPN only if the application knows the IP number of the resource) let's say an applications needing to resolve say a server whose domain name is www.mycompany.com which is in the inside network or part of encryption domain how will the traffic will be encrypted if the name can't be resolved to the IP address. Also we can take MS Outlook as an example , let's say i have a MS Exchange server inside of my network and my encryption domain encompasses the MS exchange server and when i connect to my CP VPN-1 server usng SecuRemote using an ISP i get the topology of the enc domain, but how will my outlook client will be able to get to my mailstore if the server name can't be resolved. I don't know if hosts file is the only option. Appreciate your thoughts on this issue, Muthu ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|