[FW1] SecuRemote problems

[Richard Camp <RJC@IRMPHILA.com>]

    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set. Some ]
    [ characters may be displayed incorrectly. ]


I am building a new firewall v4.0 to replace my existing firewall v3.0b.
Both are single gateways.

Everything is working on V4.0 except for SecuRemote sessions.  I am using
FWZ with encapsulation and static NAT on the servers that the clients are
trying to access.

Clients can get information from the firewall.
Clients get authenticated by the firewall.
All following packets get dropped by the cleanup rule.

My rule is Securemote Users / encryption domain / any / client encrypt.
V3.0b has specific services (rpc_mapper, tcp_high_ports, nbsession for
access to a Microsoft Exchange Server, 1 specific TCP and 1 UDP port for
access to a Terminal Server) and putting them in on the V4.0 machine changes
nothing.
If I change the rule to any / encryptin domain / any (or specific services)
/ accept, the packets get through.

The encryption domain includes the correct servers.
The user has access to the correct servers.

I am fairly new to this, so any suggestions would be welcome.

Thanks

Richard


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================