You can use the administrative build and create a custom install. There's an
SK article on doing it. Briefly you get the policy on one computer and then
copy the files over to the administrative install source, add a line into
PRODUCT.INI and away you go.
There's also a nice option in PRODUCT.INI where you can change one line from
"acceptall" to "blockinbound". If there's no policy installed for whatever
reason, it will block all inbound connections until it gets a policy
downloaded.
While this could affect LAN connections until a policy is loaded, it does
make it much safer to install it on a client that's directly connected to
the Internet. It closes rthat window of opportunity between when the client
is rebooted after the install and when it connects and downloads a policy.
HTH,
Ray
From: cp user <checkpoint_user AT YAHOO DOT FR>
Reply-To: Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] How to load policy onto SecuerClient?
Date: Fri, 30 Sep 2005 11:18:27 +0200
Hello there,
I have an evaluation license for Check Point NG with
AI (R55). I have installed SecureClient on a remote
machine.
How may I load policy onto the remote client?
My SmartCenter server is connected to the LAN (behind
a FW-1/VPN-1 gateway, and the remote client is
connected to internet).
Many thanks.
--- cp user <checkpoint_user AT yahoo DOT fr> a écrit :
> Date: Thu, 29 Sep 2005 15:56:05 +0200 (CEST)
> De: cp user <checkpoint_user AT yahoo DOT fr>
> Objet: SecuerClient: policy is not loaded
> À: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
>
> Hi all,
>
> I installed VPN-1 SecureClient NG with AI (R55) in a
> windows XP pro client machine.
>
> The remote client connects successfully to the
> gateway. But I am unable to logon to the policy
> server
> (the option "Policy > Logon to policy server" is
> not active).
>
> In the SecureClient Diagnostics window, I see the
> following:
> Policy is not loaded
> Machine is not securely configured
> There is no active security policy on your
> computer. Please logon to a Policy Server to
> download
> the policy...
>
> What would you please suggest me to do?
>
> Regards
>
>
>
>
>
>
>
___________________________________________________________________________
>
> Appel audio GRATUIT partout dans le monde avec le
> nouveau Yahoo! Messenger
> Téléchargez cette version sur
> http://fr.messenger.yahoo.com
>
___________________________________________________________________________
Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
Téléchargez cette version sur http://fr.messenger.yahoo.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
