I guess it would be better if you give us a little more detail on this.
Because of the way you have explained the scenario, sounds to me like you
are talking about Remote Access VPN using SecurID for user authentication
(please let me know if I'm wrong), assuming that...
When you say that you were able to get connected successfully, I'm guessing
the authentication went through with no problems, but do you actually see
the messages on your client saying your user got authenticated? If so, I
believe we can safely discard any issues related with the RSA/SecurID setup.
Moving to the next step, what do you see on the SmartView Tracker when you
try to reach anything on the LAN behind the FW?
How did you configure your rulebase regarding this connections?
If everything looks ok at this point... Have you checked for possible
routing issues once the packets are decrypted and sent to the LAN? If there
is a problem with conflicting private networks, IP Pool NAT can help you, or
even better you can use Office Mode, but for that you would need Secure
Client instead of SecuRemote (which requires an extra license)
Hope all this helps.
Regards
On 12/26/06, Clive Luk <clive AT sl.nsw.gov DOT au> wrote:
Hi all,
I hope someone can help me out here.
I have try everything I could.
I have newly setup a cluster NGX R60 firewall with RSA authentication
manager with SecurID working. They all running on Solaris 9.
I have also tested the connection from my home to the cluster FW. I have
connected successfully. However, my issue is I can't access any internal
resources. I can't get into the intranet or to ping any internal servers.
Please help. I have tried everything. Any expert would kindly give me some
tips it would be good start of 2007 for me!
Thanks in advance!
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
--
Sergio Alvarez
(506)8301342
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
