Firewall Wizards mailing list archives
RE: VPN client accessing wrong IP address.
From: "LE CORVIC Y InfoEdpEtcDep" <Yoann.Le-Corvic () socgen com>
Date: Mon, 31 Mar 2003 09:45:34 +0200
Hi all.
I notices somthing strange. For on of my sites, which is working, I notices a few line taht are not in the second site
(that is not working...) :
=================================================================
:allowed_interface_ranges (
: (10.10.10.internal
:allowed_range (
: (
:type (machines_range)
:ipaddr_first (10.10.10.128)
:ipaddr_last (10.10.10.255)
)
)
:is_ext (false)
:is_natted (false)
)
: (10.10.10.external
:allowed_range (
: (
:type (machines_range)
:ipaddr_first (0.0.0.0)
:ipaddr_last (10.10.10.127)
)
: (
:type (machines_range)
:ipaddr_first (10.10.11.0)
:ipaddr_last (255.255.255.255)
)
)
:is_ext (true)
:is_natted (false)
)
)
:resolve_interface_ranges (true)
==========================================================================
I tried to add those in the userc.c of the broken site, restarted the services, and it worked, I could update it. But
at the first update, the fils was overwritten,and the setting disappeared.
Where do those settings come from ?
THanks
-----Message d'origine-----
De : LE CORVIC Y InfoEdpEtcDep
Envoyé : vendredi 28 mars 2003 15:08
À : 'firewall-wizards
Objet : [fw-wiz] VPN client accessing wrong IP address.
Hi
I am having a problem with Checkpoint VPN.
Sometimes, and I am hoping someone out there knows why, the Securemote client is trying to access the private interface
of the VPN Gateway rather the the public one.
Basically, I can create the site OK, bur If I then do an update, or try to open the tunnel, IKE packets are going to
the private interface, and of course, they are dropped.
Any ideas are very welcome.
Cdlt
*************************************************************************
Ce message et toutes les pièces jointes (ci-après le "message") sont
confidentiels et établis à l'intention exclusive de ses destinataires.
Toute utilisation ou diffusion non autorisée est interdite.
Tout message électronique est susceptible d'altération.
La SOCIETE GENERALE et ses filiales déclinent toute responsabilité au titre de ce message s'il a été altéré, déformé ou
falsifié.
********
This message and any attachments (the "message") are confidential and
intended solely for the addressees.
Any unauthorised use or dissemination is prohibited.
E-mails are susceptible to alteration.
Neither SOCIETE GENERALE nor any of its subsidiaries or affiliates shall be liable for the message if altered, changed
or falsified.
*************************************************************************
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
*************************************************************************
Ce message et toutes les pièces jointes (ci-après le "message") sont
confidentiels et établis à l'intention exclusive de ses destinataires.
Toute utilisation ou diffusion non autorisée est interdite.
Tout message électronique est susceptible d'altération.
La SOCIETE GENERALE et ses filiales déclinent toute responsabilité au titre de ce message s'il a été altéré, déformé ou
falsifié.
********
This message and any attachments (the "message") are confidential and
intended solely for the addressees.
Any unauthorised use or dissemination is prohibited.
E-mails are susceptible to alteration.
Neither SOCIETE GENERALE nor any of its subsidiaries or affiliates shall be liable for the message if altered, changed
or falsified.
*************************************************************************
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- VPN client accessing wrong IP address. LE CORVIC Y InfoEdpEtcDep (Mar 28)
- <Possible follow-ups>
- RE: VPN client accessing wrong IP address. LE CORVIC Y InfoEdpEtcDep (Mar 31)