Re: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW.

Subject:	Re: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW.
From:	"Covington, Chris" <ccovington AT PLUSONE DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Sat, 26 Feb 2005 12:47:01 -0500

You can certainly create a tunnel between the FW-1 and a non-enterprise
firewall.  We have about 10 VPNs between our datacenter firewall (a
super-SPLAT box) and at our sites little $500 Cisco 831s that work
perfectly.


---
Chris Covington
IT
Plus One Health Management
75 Maiden Lane Suite 801
NY, NY 10038
646-312-6269
http://www.plusoneactive.com

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Alan
Choyna
Sent: Saturday, February 26, 2005 12:04 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to
FW.

Thanks for your response Ray (you have been prolific today).

One of the sites runs FW1, but l don't as yet know which version they
are running.

l have set up tunnels between 2 FW1 firewalls, but am not sure whether l
could create a tunnel between FW1 and a non-enterprise (more limited
functionality) Firewall? l will get more info on Monday to determine
which type of Firewall they are running.

Certificates not an option? It's oly 1 server per site l am interested
in connecting.

Thanks,

Alan

At 07:13 PM 2/25/2005, you wrote:
>This sounds more like a site-to-site activity. Is that possible? You
>could limit the source and destination IPs in the rule.
>
>Ray
>
>>From: Alan Choyna <achoyna AT PATHF DOT COM>
>>Reply-To: Mailing list for discussion of Firewall-1
>><FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
>>To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
>>Subject: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW.
>>Date: Fri, 25 Feb 2005 17:42:14 -0600
>>
>>We are running SPLAT R55 HFA9 with securemote R56.
>>
>>We have some Win2k servers that need to push info to a server behind
>>our gateway from an affiliate company 24/7 reliably.
>>
>>We installed Securemote, and the users authenticate via user id and
>>password, and have configured securemote to auto authenticate. This is

>>not entirely reliable though, and every few days (2-3) securemote asks

>>for manual re-authentication. Is this a known problem?
>>
>>Any suggestions of how to make the auto authentication more reliable?
>>
>>Would authentication via certificate be more reliable in this manner?
>>If so, how do we set it up?
>>
>>Thanks in advance for any advice or input.
>>
>>Alan.
>>
>>=================================================
>>To set vacation, Out-Of-Office, or away messages, send an email to
>>LISTSERV AT amadeus.us.checkpoint DOT com
>>in the BODY of the email add:
>>set fw-1-mailinglist nomail
>>=================================================
>>To unsubscribe from this mailing list, please see the instructions at
>>http://www.checkpoint.com/services/mailing.html
>>=================================================
>>If you have any questions on how to change your subscription options,
>>email fw-1-owner AT ts.checkpoint DOT com
>>=================================================
>
>=================================================
>To set vacation, Out-Of-Office, or away messages, send an email to
>LISTSERV AT amadeus.us.checkpoint DOT com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your subscription options,
>email fw-1-owner AT ts.checkpoint DOT com
>=================================================

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW., Alan Choyna Re: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW., Ray Re: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW., Alan Choyna Re: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW., Ray Re: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW., Covington, Chris <=

Previous by Date:	Re: [FW-1] Best OS on management station., Rob Schrack
Next by Date:	Re: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW., Ray
Previous by Thread:	Re: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW., Ray
Next by Thread:	Re: [FW-1] Default policy in secure client, Tinu Koshy
Indexes:	[Date] [Thread] [Top] [All Lists]