Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[FW-1] Office Mode IP assignment (ipassignment.conf)

from Gerson Levitz [Permanent Link]
Subject: [FW-1] Office Mode IP assignment (ipassignment.conf)
From: Gerson Levitz <glevitz AT GMAIL DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Thu, 31 Mar 2005 09:56:38 +0200 
Hi all,

I have office mode working with manual assignment which is working fine.

I recently had the need to provide a small group of users with
addresses from a different range.

I modified the ipassignment.conf file as required. (At first the range
for the group only had two addresses.)

When I tested it first with user1 I got the first address in the range
then I tested it with user2 and got the second address. (user2 is the
actual user who will be connecting)

I then called the actual end user who is half way around the world and
when he tried with user2 he got an address from the pool of addresses
configured in Smart Dashboard and not from the range of addresses
configured in the ipassignment.conf file.

After some time the user got the address from the ipassignment.conf file.

My questions are:

1. It appears that the FW Module assigns the IP addresses not only
based upon user name but also based upon some other piece of
information. Does anyone know what this other information is?
(external IP address, external mac address, cookie on the client, etc)

2. Once an address has been assigned to a user from the
ipassignment.conf, how long does it keep that address resevered for
that user/machine combination even after the user has disconnected
from the VPN?

3. Is there anyway to see what Addresses are in use or still being
reserved on the FW Module?

4. Is there a command to clear the existing addresses that are not
currently being used but are still reserved?

Thanks

Gers(h)on

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [FW-1] Using HTTP Proxies, Elsen Marc
Next by Date:  [FW-1] Cluster XL, Jason Cameron
Previous by Thread:  [FW-1] Problems With Static NAT and ARP, Diego F. Lastra S.
Next by Thread:  Re: [FW-1] Office Mode IP assignment (ipassignment.conf), Ray
Indexes:  [Date] [Thread] [Top] [All Lists]