Re: [FW-1] VPN Secureremote routing problem

Subject:	Re: [FW-1] VPN Secureremote routing problem
From:	Chris Hoff <choff AT CORNERSTONESECURITY DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Mon, 26 Jul 2004 08:31:55 -0500

Are all the subnets defined properly for you VPN domain? Could it be the 2 
subnets you can get to fine are directly attached to the firewall, while the 
third is off a router (WAN)? If this is the case, you would not be able to use 
the "All IP addresses behind gateway based on Topology information", but would 
need to define a group that contains all of the subnets you want to allow 
access to and then set the VPN domain to be that group.

Hope this helps,

Chris

-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT 
AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of SIBEL MEREY
Sent: Monday, July 26, 2004 6:14 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] VPN Secureremote routing problem
Importance: High

** High Priority **

Hello,

We have got an interesting problem. We are using CP FW-1/VPN NG R55. 
secureremote R55 is installed for VPN users. We have formed a group, which is 
composed of 8 users and these users are connecting to the hosts that exist in 3 
different subnets, separately. One of these 8 users can connect 2 hosts but 
he/she cannot connect the other one. When running traceroute command in the 
direction of this host, connection goes no further than ISP router and 
"destination net unreachable" message returns. Connection from another machine 
can be done with free of problems with the same user account and same ISP. Is 
there anybody who has an opinion about this matter?

Thanks

Sibel Merey
Telekomünikasyon Mühendisi
Bilgisayar Destek Hizmetleri Müdürlüğü
Tel : 0 212 350 30 42
Fax : 0 212 350 40 42

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to LISTSERV AT 
amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email 
fw-1-owner AT ts.checkpoint DOT com 
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] VPN Secureremote routing problem, SIBEL MEREY Re: [FW-1] VPN Secureremote routing problem, Chris Hoff <= Re: [FW-1] VPN Secureremote routing problem, Ray Re: [FW-1] VPN Secureremote routing problem, Matt Arntsen Re: [FW-1] VPN Secureremote routing problem, SIBEL MEREY Re: [FW-1] VPN Secureremote routing problem, SIBEL MEREY Re: [FW-1] VPN Secureremote routing problem, SIBEL MEREY Re: [FW-1] VPN Secureremote routing problem, Steck, Steffen M. Re: [FW-1] VPN Secureremote routing problem, Ray Re: [FW-1] VPN Secureremote routing problem, SIBEL MEREY Re: [FW-1] VPN Secureremote routing problem, Ray

Previous by Date:	[FW-1] Smartdefense and flows, Tom Stala
Next by Date:	[FW-1] AW: [FW-1] hardware requirements, Martin, Gregor
Previous by Thread:	[FW-1] VPN Secureremote routing problem, SIBEL MEREY
Next by Thread:	Re: [FW-1] VPN Secureremote routing problem, Ray
Indexes:	[Date] [Thread] [Top] [All Lists]