Re: [FW-1] Securemote DNS

Subject:	Re: [FW-1] Securemote DNS
From:	"Demetrio Leon Guerrero (DLG)" <leong AT LATTESTONE DOT NET>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Wed, 28 Jul 2004 10:48:04 -0400

In your previous configuration you may have had Split-Tunnelling
enabled.  Split-Tunnelling allows local and VPN access.

In newer versions of the VPN Client, Split-Tunnelling is turned-off
because it may open vulnerabilities to your network.


DLG


Lattestone Corporation
Phone : 703-716-1066
Fax   : 703-716-6116
Mobile: 703-328-4173

On Wed, 28 Jul 2004, Alaric Turner wrote:

> We have an intreasting problem, Laptop users use Securemote (R56) to
> connect to the corporate LAN when they are off on the raod, this works
> fine. As part of this I've got a split brain DNS setup so when resolving
> internal names the clients use an internal DNS server & all traffic is
> encrypted.
>
> However when the clients are directly connected to the LAN DNS lookups
> for internal machines never complete. Killing Securemote resolves this
> but is not ideal. What I think is happening is that the Securemote
> client is attempting to encrypt even when the machine is within the
> encryption domain. I'm sure that this didn't used to be the case when I
> used the older client (ancient version 4.0 / 4.5 ?). Using Securemote in
> Connect mode (as sugested by the Checkpoint knowledgebase)it seems to
> work but this involves more intelligence from the users..
>
> If anyone has a suggestion on how to resolve this whilst using the
> transparent mode I'd be grateful.
>
> Alaric
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Securemote DNS, Alaric Turner Re: [FW-1] Securemote DNS, Demetrio Leon Guerrero (DLG) <= [FW-1] SecuRemote command line interface+ "open" windows (in transparent mode), Mateo Cabrera@SecurityAdvisor Re: [FW-1] SecuRemote command line interface+ "open" windows (in transparent mode), Huiqi_Liu Re: [FW-1] SecuRemote command line interface+ "open" windows (in transparent mode), Mateo Cabrera@SecurityAdvisor Re: [FW-1] Securemote DNS, Stefan Schweizer

Previous by Date:	Re: [FW-1] SecuRemote command line interface+ "open" windows (in transparent mode), Huiqi_Liu
Next by Date:	[FW-1] Cluster node goes "disconnected", Shane Presley
Previous by Thread:	[FW-1] Securemote DNS, Alaric Turner
Next by Thread:	[FW-1] SecuRemote command line interface+ "open" windows (in transparent mode), Mateo Cabrera@SecurityAdvisor
Indexes:	[Date] [Thread] [Top] [All Lists]