Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[FW-1] Clientless VPNs and multiple certificates

from Michael Kelly (HRG) [Permanent Link]
Subject: [FW-1] Clientless VPNs and multiple certificates
From: "Michael Kelly (HRG)" <Michael.Kelly AT STORTEXT DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Wed, 28 Sep 2005 13:00:05 +0100 
Hi all,
Our environment is Checkpoint Express NG AI R55
Reading the documentation, it seems that the only way to do content
inspection on inbound HTTPS traffic is to enable Clientless VPN.
However I have two web servers in the DMZ  Each has a different FQDN which
resolve to different public IP addresses. These addresses are NAT'ed on the
firewall.
Each server has its own X.509 certificate.
Looking at the configuration options for Clientless VPN, it seems that I can
only specify one certificate.
Does this mean that I can't use Clientless VPN to do content inspection on
more that one HTTPS server?
Or have I completely misunderstood the concept of Clientless VPN?
 
Thanks in advance,
Michael.


****************************************************************************
******* 

This email and any files transmitted with it are confidential and may be
legally privileged and are intended solely for the use of the individual or
entity to whom they are addressed. If you are not the intended recipient
please note that any disclosure, distribution, or copying of this email is
strictly prohibited and may be unlawful. If received in error, please delete
this email and any attachments and confirm this to the sender. 

Although Stortext FM operates anti-virus programs and this email has been
scanned it does not accept responsibility for any damage whatsoever that is
caused by viruses being passed. Any views or opinions presented are solely
those of the author and do not necessarily represent those of Stortext FM
Ltd or either of its subsidiaries Stortext Document Solutions Ltd and FM
Image Management Ltd  

For more information about StortextFM and our services visit
http://www.stortextfm.com 

****************************************************************************
*******

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [FW-1] How to have RIP (Zebra) working in SPLAT with Cluster pair?, Brenda W.S. Chan
Next by Date:  Re: [FW-1] Clientless VPNs and multiple certificates, Matthias Leu
Previous by Thread:  [FW-1] How to have RIP (Zebra) working in SPLAT with Cluster pair?, Brenda W.S. Chan
Next by Thread:  Re: [FW-1] Clientless VPNs and multiple certificates, Matthias Leu
Indexes:  [Date] [Thread] [Top] [All Lists]