'Re: [FW-1] URGENT - SecureClient Issue'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewall-1
Subject:    Re: [FW-1] URGENT - SecureClient Issue
From:       Christopher McGill <christophermcgill2007 () GOOGLEMAIL ! COM>
Date:       2007-03-28 6:25:53
Message-ID: d2a1004f0703272325h5452a05bpcf4ea18f11f2636a () mail ! gmail ! com
[Download RAW message or body]

It is located under - VPN-1 Gateway object > Advanced > Connection
Persistency.  Just incase someone else references this post in the future.

On 3/28/07, Christopher McGill <christophermcgill2007@googlemail.com> wrote:
>
> Thank you for your time and help. I will give it ago.
>
> On 3/28/07, Ray <sixsigma44@hotmail.com> wrote:
> >
> > I can't remember where it is right now in the global properties, but you
> > need to make sure it's set to rematch the connections on policy install.
> > If
> > it's not keeping or rematching, you'll get dropped.
> >
> > Keeping is a bad option. If an existing connection is now disallowed by
> > the
> > new security policy, the connection will remain active until it ends
> > itself.
> >
> > Ray
> >
> >
> > >From: Christopher McGill <christophermcgill2007@GOOGLEMAIL.COM>
> > >Reply-To: Mailing list for discussion of Firewall-1
> > >< FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM>
> > >To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
> > >Subject: [FW-1] URGENT - SecureClient Issue
> > >Date: Tue, 27 Mar 2007 10:59:53 +0100
> > >
> > >Hi,
> > >
> > >  I have setup a SecureClient RemoteAccess VPN to a customer's
> > >SMARTCenter/Enforcement Module (Stand-Alone Deployment), I am
> > >authenticating
> > >myself with LDAP.  I am getting authenticated fine, able to ping a host
> > in
> > >the VPN Domain.  I am trying to manage the enfrocement module, I can
> > >connect
> > >with SMARTDashboard fine, but when I try to install the policy I am
> > getting
> > >disconnected.  I have even tried install the current policy with no
> > >changes.  Here are my security policy and desktop security policy rules
> > >relating to this:
> > >
> > >VPN-Users    BELFAST_GW0023          Remote-AccessCommunity    Any
> > Accept
> > >                     VPN_Networks_Group
> > >
> > >
> > >Desktop Security Policy:
> > >
> > >Inbound:  None
> > >
> > >Outbound:
> > >
> > >  VPN-Users   BELFAST_GW0023 + VPN_Networks_Group  Any Encrypt
> > >
> > >
> > >The rulebase was not set to any, it limited protocol inbound, I set
> > this to
> > >any troubleshoot.
> > >
> > >My understanding is this is all that should be needed, implied rules on
> > the
> > >desktop security policy let traffic from the client pass.  And
> > the  module
> > >is set to accept remote/checkpoint control connections.
> > >
> > >
> > >Any help would be great.  Thanks
> > >
> > >=================================================
> > >To set vacation, Out-Of-Office, or away messages,
> > >send an email to LISTSERV@amadeus.us.checkpoint.com
> > >in the BODY of the email add:
> > >set fw-1-mailinglist nomail
> > >=================================================
> > >To unsubscribe from this mailing list,
> > >please see the instructions at
> > >http://www.checkpoint.com/services/mailing.html
> > >=================================================
> > >If you have any questions on how to change your
> > >subscription options, email
> > >fw-1-owner@ts.checkpoint.com
> > >=================================================
> >
> > _________________________________________________________________
> > Get a FREE Web site, company branded e-mail and more from Microsoft
> > Office
> > Live! http://clk.atdmt.com/MRT/go/mcrssaub0050001411mrt/direct/01/
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages,
> > send an email to LISTSERV@amadeus.us.checkpoint.com
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > fw-1-owner@ts.checkpoint.com
> > =================================================
> >
>
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV@amadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic