[FW-1] XlateSrc, RemoteAccess (VPN):DOUBT

Subject:	[FW-1] XlateSrc, RemoteAccess (VPN):DOUBT
From:	Cassio David Pereira <cassio.pereira AT EDINFOR.COM DOT BR>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Fri, 24 Sep 2004 11:22:36 -0300

Hi,

I'am having a little problem with Remote Access (VPN).
I'am using ipassignment.conf to assign a specific address to me when I get
a connection (vpn).
Everything it is work very well, but always when I get a connection, the ip
assigned to me is translated to other.

The informations are in the log bellow. Why the ip is translated (column
XlateSrc)?

Because this, when I try to connection to any host that I opened a access
like ssh to ip assigned in ipassignment.conf, the logs of that machine show
me the XlateSrc.

The ipassignment.conf configuration:
wall        addr  192.168.1.15                        userxxx

External interface: eth4
Internal interface from the enforcement module: 172.16.30.70
My vpn network: 192.168.1.0/24
Appointed ip in ipassignment.conf: 192.168.1.15
Translated ip (xlatesrc): 192.168.1.1
My internal network: 172.16.40.0/24

Number:                 183151
Date:                   24Sep2004
Time:                   10:00:39
Product:                VPN-1 & FireWall-1
Interface:              eth4
Origin:                       wall 172.16.30.70
Type:                   Account
Action:                       Decrypt
Service:                nbname (137)
Source:                       192.168.1.15
Destination:                  serverxxx 172.16.40.56
Protocol:               udp
Rule:                   1
NAT rule number:        0
NAT additional rule number:   0
Source Port:                  nbname (137)
User:                   userxxx
Source Key ID:                0x73167b7f
Elapsed:                0:01:19
Bytes:                        9696
XlateSrc:               192.168.1.1
Client Inbound Bytes:         4896
Client Outbound Bytes:              4800
Server Inbound Bytes:               2700
Server Outbound Bytes:        2880
Client Inbound Packets:             30
Client Outbound Packets:      30
Server Inbound Packets:       30
Server Outbound Packets:      30
Encryption Scheme:                  IKE
VPN Peer Gateway:                   200-98-146-91.tlf.xxxxxx.com
(200.98.146.91)
Encryption Methods:                 ESP: AES-256 + SHA1 + DEFLATE
Packets:                60
Start Time:             24Sep2004 10:00:39
Information:                  segment_time: 24Sep2004 10:00:39

Somebody could help me?

Regars,

Cassio

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] XlateSrc, RemoteAccess (VPN):DOUBT, Cassio David Pereira <= Re: [FW-1] XlateSrc, RemoteAccess (VPN):DOUBT, Previtera, Sal

Previous by Date:	Re: [FW-1] Hub Mode, José María Gabaldón
Next by Date:	[FW-1] IPSO 3.8 in a cluster, Moe Behlim
Previous by Thread:	[FW-1] WindowsUpdate fails after last SmartDefense Update, Sascha Picchiantano
Next by Thread:	Re: [FW-1] XlateSrc, RemoteAccess (VPN):DOUBT, Previtera, Sal
Indexes:	[Date] [Thread] [Top] [All Lists]