yes, this is really strange.
i really don´t understand where the problem should be to forward the
hostname to the dhcp. in our active directory environment it would be great
to have also the secureclients in the dns. but it seems that checkpoint is
not the only vendor who has problems when working as an dhcp relay agent. a
collegue of mine told me that cisco (we use one as a dial in router) has the
same problem when working as an dhcp relay.
wolfgang
> -----Ursprüngliche Nachricht-----
> Von: Mailing list for discussion of Firewall-1
> [mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] Im Auftrag von Ray
> Gesendet: Sonntag, 27. November 2005 02:22
> An: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> Betreff: Re: [FW-1] AW: [FW-1] SecureClient DNS registration
>
>
> Odd. That article sk23196 was updated on Nov. 21st and says no fix is
> available but it will be included in NGX HFA01 due in Sept.
> 05. I wonder if
> this is going to take a SecureClient fix. The one available
> for download is
> still the original one.
>
> Ray
>
> >From: Scholz Wolfgang <Wolfgang.Scholz AT FJA DOT COM>
> >Reply-To: Mailing list for discussion of Firewall-1
> ><FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
> >To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> >Subject: [FW-1] AW: [FW-1] SecureClient DNS registration
> >Date: Thu, 24 Nov 2005 18:12:49 +0100
> >
> >hi everybody,
> >
> >we have exactly the same problem. the ip assignment via the
> dhcp server
> >works like a charm but i simply don´t get the A record
> updated. in our
> >scenario the dhcp server is updating the dns. when i checked
> the dhcp
> >request and ack packets with ethereal i can see that the hostname of
> >the office mode client does not get sent to the dhcp server. by the
> >way, you don´t want the client itself updating the dns
> because he will
> >update the dns with the address of the physical interface not the ip
> >adress of the office mode pool. so i thought to install
> hfa01 because
> >in the release notes checkpoint said they fixed an issue
> with ddns but
> >so far no luck. the behaviour is exactly the same with
> hfa01. anybody
> >any idea ??
> >
> >thanks
> >
> >regards
> >
> >wolfgang
> >
> >
> > > -----Ursprüngliche Nachricht-----
> > > Von: Mailing list for discussion of Firewall-1
> > > [mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] Im
> Auftrag von
> > > Ray
> > > Gesendet: Mittwoch, 23. November 2005 18:25
> > > An: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> > > Betreff: Re: [FW-1] SecureClient DNS registration
> > >
> > >
> > > Hi Duncan,
> > >
> > > What's the SecureClient log viewer show? I think it would show
> > > something inbound being dropped.
> > >
> > > Does the DHCP server update dynamic DNS on behalf of the
> client or
> > > are you allowing each client to do it directly?
> > >
> > > An Office Mode problem with SecureClient not updating the dynamic
> > > DNS was supposed to be corrected in NGX HFA01, in case you didn't
> > > know about it.
> > >
> > > Ray
> > >
> > >
> > > >From: "Meyers, Duncan" <duncan.meyers AT AU.UNISYS DOT COM>
> > > >Reply-To: Mailing list for discussion of Firewall-1
> > > ><FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
> > > >To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> > > >Subject: [FW-1] SecureClient DNS registration
> > > >Date: Wed, 23 Nov 2005 12:36:48 +1100
> > > >
> > > >Hi all,
> > > >
> > > >I have a bit of an odd problem that seems to be related to
> > > SecureClient
> > > >(NGX R60 Build 191 on XP).
> > > >
> > > >When a laptop that has SecureClient installed and a
> simple desktop
> > > >policy active (allow all outbound, drop all inbound) is connected
> > > to the company
> > > >LAN, it picks up an IP address from the Windows 2003 DHCP
> > > server but
> > > >doesn't update the active DNS registration so that if you
> > > ping the machine
> > > >name it, the DNS sever replies with an old address.
> > > >
> > > >The problem goes away immediately if you stop the VPN-1
> > > SecureClient -
> > > >that
> > > >is; the DNS entry is updated.
> > > >
> > > >Any thoughts?
> > > >
> > > >Thanks,
> > > >
> > > >Duncan
> > > >
> > > >
> > > >=================================================
> > > >To set vacation, Out-Of-Office, or away messages,
> > > >send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> > > >in the BODY of the email add:
> > > >set fw-1-mailinglist nomail
> > > >=================================================
> > > >To unsubscribe from this mailing list,
> > > >please see the instructions at
> > > >http://www.checkpoint.com/services/mailing.html
> > > >=================================================
> > > >If you have any questions on how to change your subscription
> > > >options, email fw-1-owner AT ts.checkpoint DOT com
> > > >=================================================
> > >
> > > =================================================
> > > To set vacation, Out-Of-Office, or away messages,
> > > send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> > > in the BODY of the email add:
> > > set fw-1-mailinglist nomail
> > > =================================================
> > > To unsubscribe from this mailing list,
> > > please see the instructions at
> > > http://www.checkpoint.com/services/mailing.html
> > > =================================================
> > > If you have any questions on how to change your subscription
> > > options, email fw-1-owner AT ts.checkpoint DOT com
> > > =================================================
> > >
> >
> >=================================================
> >To set vacation, Out-Of-Office, or away messages,
> >send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> >in the BODY of the email add:
> >set fw-1-mailinglist nomail
> >=================================================
> >To unsubscribe from this mailing list,
> >please see the instructions at
> >http://www.checkpoint.com/services/mailing.html
> >=================================================
> >If you have any questions on how to change your
> >subscription options, email
> >fw-1-owner AT ts.checkpoint DOT com
> >=================================================
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
