Firewall Wizards mailing list archives
SecureClient netbios broadcast on office mode connection
From: David West <davidawest () gmail com>
Date: Mon, 24 Oct 2005 17:02:50 +1000
Hi all, I have a problem with SecureClient when using a USB mobile broadband CDMA device for Internet connectivity. I don't think the problem is particular to the network transport or the device used for the connection, but a problem with SecurClient and this particular interface. I connect to my ISP using a regular dial-up networking connection. My isp assigns me a private address for the connection (eg. 10.x.x.x), this is obviously NAT'd to a public address when I access the Internet. When I use SecureClient to connect to VPN the connection drops. Looking at a packet capture on the client, SecureClient connects (office mode), authenticates and does a netbios broadcast to my vpn ip pool broadcast address with a source address from my IP pool (eg. SRC: 192.168.101.1 > DST: 192.168.101.255). This broadcast triggers anti-spoofing rules at my ISP and a ppp renegotiation, which tears down the connection and consequently the VPN fails. I've tested and can reproduce this behaviour with clients using Windows XP SP1 and SP2, with and without Windows firewall enabled. I've tested many client changes, including disabling netbios over tcp/ip for the dialup networking connection, changing the netbios node type and disabling services (server, netlogon, workstation, computer browser, tcp/ip netbios helper), all to no avail. Disabling services to prevent netbios does work, but break other Windows functionality. I have a call open with Checkpoint support, but it's getting nowhere. Any help would be appreciated. Enforcement modules are NG FP3 and SecureClient is R56-HFA03-B619. Cheers, David _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- SecureClient netbios broadcast on office mode connection David West (Oct 30)