'Re: [FW-1] How to load policy onto SecuerClient?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewall-1
Subject:    Re: [FW-1] How to load policy onto SecuerClient?
From:       Ray <sixsigma44 () HOTMAIL ! COM>
Date:       2005-09-30 23:47:43
Message-ID: BAY101-F7EE009F8DEEA935F4DD26DC8F0 () phx ! gbl
[Download RAW message or body]

You can use the administrative build and create a custom install. There's an 
SK article on doing it. Briefly you get the policy on one computer and then 
copy the files over to the administrative install source, add a line into 
PRODUCT.INI and away you go.

There's also a nice option in PRODUCT.INI where you can change one line from 
"acceptall" to "blockinbound". If there's no policy installed for whatever 
reason, it will block all inbound connections until it gets a policy 
downloaded.

While this could affect LAN connections until a policy is loaded, it does 
make it much safer to install it on a client that's directly connected to 
the Internet. It closes rthat window of opportunity between when the client 
is rebooted after the install and when it connects and downloads a policy.

HTH,

Ray

>From: cp user <checkpoint_user@YAHOO.FR>
>Reply-To: Mailing list for discussion of Firewall-1              
><FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM>
>To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
>Subject: [FW-1] How to load policy onto SecuerClient?
>Date: Fri, 30 Sep 2005 11:18:27 +0200
>
>Hello there,
>
>I have an evaluation license for Check Point NG with
>AI (R55). I have installed SecureClient on a remote
>machine.
>How may I load policy onto the remote client?
>My SmartCenter server is connected to the LAN (behind
>a FW-1/VPN-1 gateway, and the remote client is
>connected to internet).
>
>Many thanks.
>
>
>--- cp user <checkpoint_user@yahoo.fr> a écrit :
>
> > Date: Thu, 29 Sep 2005 15:56:05 +0200 (CEST)
> > De: cp user <checkpoint_user@yahoo.fr>
> > Objet: SecuerClient: policy is not loaded
> > À: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
> >
> > Hi all,
> >
> > I installed VPN-1 SecureClient NG with AI (R55) in a
> > windows XP pro client machine.
> >
> > The remote client connects successfully to the
> > gateway. But I am unable to logon to the policy
> > server
> > (the option "Policy > Logon to policy server" is
> > not active).
> >
> > In the SecureClient Diagnostics window, I see the
> > following:
> >     Policy is not loaded
> >     Machine is not securely configured
> >         There is no active security policy on your
> > computer. Please logon to a Policy Server to
> > download
> > the policy...
> >
> > What would you please suggest me to do?
> >
> > Regards
> >
> >
> >
> >
> >
> >
> >
>___________________________________________________________________________
> >
> > Appel audio GRATUIT partout dans le monde avec le
> > nouveau Yahoo! Messenger
> > Téléchargez cette version sur
> > http://fr.messenger.yahoo.com
> >
>
>
>
>
>
>
>
>___________________________________________________________________________
>Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
>Téléchargez cette version sur http://fr.messenger.yahoo.com
>
>=================================================
>To set vacation, Out-Of-Office, or away messages,
>send an email to LISTSERV@amadeus.us.checkpoint.com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>fw-1-owner@ts.checkpoint.com
>=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV@amadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic