No matter where you place the line in the fwkern.conf file
If the file doesnt exists, ou must create it
you'll find more informations in sk20364 or sk25826
Bertrand
Sascha Picchiantano <sascha AT PICCHIANTANO DOT DE>@AMADEUS.US.CHECKPOINT.COM>
le
29/06/2006 01:32:43
Veuillez répondre à Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
Envoyé par : Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
Pour : FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
cc :
Objet : Re: [FW-1] PPTP/HIDE NAT
Upgrading to NG X is not an option right now. Where can I get some more
info
on adding that line to the fwkern.conf file that Betrand mentioned? Can I
place that line anywhere in the file or does it have to go to a specific
place?
Thanks guys!
Sascha
> hi,
>
> it's easier to upgrade to NG X and then configure
> pptp-enforcement in the smartdefense -> VPN settings ....
>
> cheers
> reinhard
>
> At 18:42 28.06.2006, you wrote:
>> Hi,
>>
>> did you
>>
>> - add the line fw_pptp_enforce_protocol=1 in the
>> $FWDIR/modules/fwkern.conf file
>> - declare the pptp_tcp service with type PPTP_TCP
>>
>> Bertrand
>>
>>
>>
>>
>>
>> Sascha Picchiantano <sascha AT PICCHIANTANO DOT
>> DE>@AMADEUS.US.CHECKPOINT.COM>
le
>> 28/06/2006 17:49:04
>>
>> Veuillez répondre à Mailing list for discussion of Firewall-1
>> <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
>>
>> Envoyé par : Mailing list for discussion of Firewall-1
>> <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
>>
>>
>> Pour : FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
>> cc :
>>
>> Objet : Re: [FW-1] PPTP/HIDE NAT
>>
>>
>> Hi,
>>
>> I was just trying to set this up and regarding to Checkpoint's notes on
>> their website, we need to have R55 HFA10 or above to make this work. We
>> have
>> HFA17 but it doesn't work. When the client behind FW1 tries to initiate
the
>> PPTP connection to an outside VPN system, that system tries to make a
>> connection back to our Hide-NAT address using IP protocol 47. FW1 drops
>> that.
>>
>> Any idea what I might be doing wrong?
>>
>> Thanks for your help!
>>
>> Sascha
>>
>> =================================================
>> To set vacation, Out-Of-Office, or away messages,
>> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
>> in the BODY of the email add:
>> set fw-1-mailinglist nomail
>> =================================================
>> To unsubscribe from this mailing list,
>> please see the instructions at
>> http://www.checkpoint.com/services/mailing.html
>> =================================================
>> If you have any questions on how to change your
>> subscription options, email
>> fw-1-owner AT ts.checkpoint DOT com
>> =================================================
>>
>> =================================================
>> To set vacation, Out-Of-Office, or away messages,
>> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
>> in the BODY of the email add:
>> set fw-1-mailinglist nomail
>> =================================================
>> To unsubscribe from this mailing list,
>> please see the instructions at
>> http://www.checkpoint.com/services/mailing.html
>> =================================================
>> If you have any questions on how to change your
>> subscription options, email
>> fw-1-owner AT ts.checkpoint DOT com
>> =================================================
>
> --
> Reinhard Stich r.stich AT internet-security DOT at
> Internet Security AG, 1150 Wien, Johnstrasse 29
> Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
