Re: [FW-1] Another Office mode IP address question

Subject:	Re: [FW-1] Another Office mode IP address question
From:	Neil Kemp <secureadvice AT GMAIL DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Tue, 28 Feb 2006 15:32:30 +0000

As far as I know, the Office Mode IP address range has to be a different
network, otherwise there is routing problems. Saying that though, I also
thought that was true of IP Pool Nat.



On 28/02/06, David Strom <dstrom AT ciesin.columbia DOT edu> wrote:
>
> We currently use SecuRemote in a limited way, because of the SR problem
> reported on this list where duplicate remote private IP address aren't
> handled.  (Boo, hiss!)
>
> Since our Solaris servers use TCP wrappers to restrict access, we use IP
> Pool assignment on our NGX VPN-1 firewall to assign addresses from a
> range of IPs on our internal subnet.  I.e., suppose our LAN uses
> 192.168.1.0/24 as the internal subnet, we allocate 10 IP numbers, say
> 192.168.1.120 thru 192.168.1.129 for the IP pool, same subnetting as the
> rest of the LAN = 255.255.255.0.  Works fine for SR.  Note that with
> NGX, CP decided not to do auto-ARP again, so you have to do that manually.
>
> Please bear with me, here's the question:  Can Office Mode IP address
> allocation work exactly the same way, using IP Pool style assignment, no
> DHCP server?  If so, how?   This would let us finally get some real use
> out of our VPN license since we have no use for site-to-site VPN.
>
> Thanks.
> --
> David Strom
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Another Office mode IP address question, David Strom Re: [FW-1] Another Office mode IP address question, Neil Kemp <= Re: [FW-1] Another Office mode IP address question, Ramakrishnan Pillai

Previous by Date:	[FW-1] R: [FW-1] Backup and Restore SmartCenter and Gateway R55, Lorenzo
Next by Date:	Re: [FW-1] Another Office mode IP address question, Ramakrishnan Pillai
Previous by Thread:	[FW-1] Another Office mode IP address question, David Strom
Next by Thread:	Re: [FW-1] Another Office mode IP address question, Ramakrishnan Pillai
Indexes:	[Date] [Thread] [Top] [All Lists]