[ previous ] [ next ] [ threads ]
 
 From:  John Smith <qwik999 at yahoo dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] System requirements and Checkpoint Securemote VPN- 1
 Date:  Mon, 27 Oct 2003 05:38:38 -0800 (PST)
Joachim
Mind to share what you did to make softclient working?
I am having problems using Nortel VPN client on the
laptop behind the m0n0 except 1 to 1 mapping.
Thanks


--- Christiaens Joachim <jchristi at oce dot be> wrote:
> The problem with IPSec behind "routers" is not the
> routing or firewalling
> mostly, but the way NAT doesn't know to which
> internal client it needs to
> send the replies comming from other VPN endpoint
> (because they are
> encrypted).
> 
> There are som tricks used to make it work (some for
> 1 client, some for
> more). All I know is that the watchguard client
> doesn't work with ex.
> Freesco or Linux pre-2.4 kernels, but it works very
> well with m0n0wall.
> 
> As I said, I will test a tunnel between a watchguard
> and a m0n0 soon, but
> the softclient works...
> 
> Joachim
> 
> -----Original Message-----
> From: Giorgio Catena [mailto:thechain at libero dot it]
> Sent: zaterdag 25 oktober 2003 15:09
> To: Christiaens Joachim
> Subject: Re: [m0n0wall] System requirements and
> Checkpoint Securemote
> VPN- 1
> 
> 
> Christiaens Joachim wrote:
> > I'm not shure what you mean:
> > 
> > -use the Checkpoint client software on one or more
> clients of you homelan
> > like this: <company> --- tunnel --- <firewall> ---
> tunnel ---
> > <vpnclient-soft>
> > 
> > or
> > -use the firewall to connect via a tunnel to your
> company's network and
> give
> > access to your entire homelan
> > like this: <company> --- tunnel --- <firewall> ---
> <homelan>
> > 
> > anyway, both should be possible with m0n0wall. I
> use the watchguard
> (SafeNet
> > sucuremote IPSec) client on a company laptop to
> connect to the company's
> > watchguard firebox 1000. This works very well!
> > In the near future I will be testing the
> watchguard-to-m0n0wall connection
> > (IPSec too), so my homelan can be a part of the
> company-lan.
> > 
> > I'll keep the list informed.
> > Regards,
> > Joachim
> > 
> I intend just the first scheme. My doubt is if it
> works because speaking 
> with the people of the floppyfw project the way the
> client (with the 
> software) bahaves now is not related (by their
> opinion) to the router-fw 
> I'm using. This is what they say but I'm not sure
> and I want to try out 
> something else. The Checkpoint VPN-1 securemote sw
> (for the client 
> connection) is that sort of bad beast without any
> help or other kind of 
> stuff and no settings except few stupid things....
> 
> Any help will be appreciated
> 
> Regards
> 
> 
> 
> -----------------------------------------------
> MISSION STATEMENT 
> -----------------------------------------------
> Oce enables its customers to manage their documents
> efficiently and
> effectively by offering innovative print and
> document management products
> and services for professional environments.
> 
> -----------------------------------------------
> DISCLAIMER 
> -----------------------------------------------
> This e-mail message and any attachment are intended
> for the sole use of the
> recipient(s) named above and may contain information
> which is confidential
> and/or protected by intellectual property rights.
> Any use of the information contained herein
> (including, but not limited to,
> total or partial reproduction, communication or
> distribution in any form) by
> other persons than the designated recipient(s) is
> prohibited.
> 
> If you have received this e-mail in error, please
> notify the sender either
> by telephone (0032-2-729.48.11) or by e-mail and
> delete the material from
> any computer.
> Oce-Belgium/Oce-Interservices is nor responsible for
> the correct and
> complete transfer of the contents of the sent
> e-mail, neither for the
> receipt on due time.  This e-mail message does not
> bring about a contractual
> obligation for Oce-Belgium/Oce-Interservices.
> 
> Thank you for your cooperation.
> 
> For further information about
> Oce-Belgium/Oce-Interservices please see our
> website at www.oce.be
> 
> -----------------------------------------------
> 
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail:
> m0n0wall dash help at lists dot m0n0 dot ch
> 


__________________________________
Do you Yahoo!?
Exclusive Video Premiere - Britney Spears
http://launch.yahoo.com/promos/britneyspears/