I'm using SecureClient R55 HFA04 & NGX in Hub Mode on an R55 gateway. It
works great. Now I need to add a rule so that clients that are VPNed in can
access an FTP site on the Internet, something we have never needed before.
Formerly all resources were in the encryption domain only.
The remote access community rule is OK and the desktop security policy rule
is OK. SmartView Tracker shows the traffic is being accepted, but the
connections never work, they just time out. It doesn't matter if I'm using
FTP, SSH or even ICMP.
Runnin ipconfig /all on the client shows something odd, though. I'm using
IP Pools and Office Mode and have xxx.xxx.133.0/24 (a routable address) as
the Office Mode pool. I routinely see xxx.xxx.133.1 assigned to a remote
access client as its Office Mode address, but ipconfig /all is showing
xxx.xxx.133.1 as my default gateway.
Does anyone know if this is something broken in Office Mode & Hub Mode or
whether its just a display oddity?
Thanks,
Ray
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
