[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Securemote (build 4199) on Win2k server not working
Hi, The only place I have seen this behavior is when the client is behind NAT, and IPsec pass through is not set up properly in the clent side firewall. What happens is the user can authenticate ok, gets the message that he has been authenticated via secure remote. But the key exchange does not occure properly. Another possibility is the encryption of the client does not match the encryption of the VPN This causes authentication to happen with SecuRemote, but you cannot access anything inside the encryption domain. I may be totally missing your problem here, so forgive me if this is way off. Ken. -----Original Message----- From: Alan Choyna [mailto:[email protected]] Sent: Tuesday, June 04, 2002 10:06 AM To: [email protected] Subject: [FW-1] Securemote (build 4199) on Win2k server not working Hi people. We're running an ip440 with 4.1 SP3 and am trying to get an affiliate company to VPN into our network. He's using Securemote (Build 4199) on Win2k Server, and is sitting behind a Nokia IP330. I can see him authenticate when he updates his policy, but he cannot ping, ftp (or anything for that matter) any machine within our network. He can access everything fine from home, and the FW guy there has assured me that he's opened up the correct ports between his network and our FW1 boxes external ip (he says there are no rejects or drops when he attempts to ping or FTP). When he does a trace route on our FW's ip, it works fine, however the trace route on one of the internal boxes totally fails, not even showing the FW. Only the policy updates and authentication shows up in our logs. Not the ping or FTP attempts. Has anyone had issues with Securemote and Win2k server? Any suggestions? Thanks in advance, Alan. ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|