[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Problem with enabling UDP Encryption for SecuRemote
I am attempting to configure UDP encapsulation for SecuRemote as specified in the PhoneBoy FAQ, to try and get a vendor VPN connection working from within their network and am experiencing a problem that I hope someone here can help with. After modifying objects.C as specified in the document, and sending a new userc.c file to the vendor, when he connects to our network, I see the successful authentication, and am initial Decrypt packet for the connection he is attempting , however he is still unable to connect to the internal resource on our network. When I look in the Firewall logs I see the following packet Action: Drop Service: VPN1_IPSEC_encapsulation Source: my firewall's internal Interface Destination: Vendor's Internet address Protocol: UDP Rule: 0 Info: reason: local interface address spoofing I have tested the VPN connection from an ADSL router connected directly to the Internet and did not experience any VPN problems. I do not have any anti-spoofing rules enabled on any of the Firewall's Interfaces, (All interfaces allow ANY addresses.) Any ideas on why this may be happening, and what if anything I may be able to do to correct this. I am running FW1 4.1-SP4 on WinNT 4.0 sp 6a Thanks Shawn ====================================== Shawn Kearley Infrastructure Analyst Newfoundland Power Co. Ltd. Phone:Fax:Email: [email protected] ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|