Firewall Wizards mailing list archives
Checkpoint VPN through One valid IP
From: NHawkins () bsc-rscservices com
Date: Thu, 23 Aug 2001 10:12:55 -0400
I'm trying to do a complete solution through one valid IP (everything from VPN, to web hosting, to FTP access, etc.) and so far I have everything working, but I have some VPN quirks. I have an internal network (10 network address space) hiding behind the one valid IP and it sees the I-net beautifully.

The VPN actually works (my Checkpoint solution is a distributed environment - Firewall on one server, management console on another server, and GUI clients on two other separate workstations), but it doesn't authenticate like other multi valid IP address Checkpoint environments that I support.

I have a translation rule on the Firewall that incoming secure remote requests are translated to the internal management console box (FW1_TOPO service) and it authenticates at that time; however, when I try to access the internal network (I like to use PC Anywhere) I get a notification: "User successfully authenticated by VPN-1" then it says below "You are using an inappropriate policy. Load a new policy from your Policy Server." I do an update of the policy and everything works at that point.

It seems to me that I need to either translate another service or I am not doing something correctly. In addition to this, if I check the checkbox "Apply Rule Only if Desktop Configuration Options are Verified" in Properties of Client Encryption then my VPN doesn't work at that point.

Any advice would be appreciated!

Regards,
Nate Hawkins
WAN Administrator - Advanced Systems Analyst.
Beaumont Services Company L.L.C.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards