[ previous ] [ next ] [ threads ]
 
 From:  Christiaens Joachim <jchristi at oce dot be>
 To:  "'John Smith'" <qwik999 at yahoo dot com>, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] System requirements and Checkpoint Securemote VPN- 1
 Date:  Mon, 27 Oct 2003 14:51:36 +0100
Hmmmm,

I just put the laptop behind the m0n0 and it worked!

If you use 1:1, then you have more then one public ip?

Joachim

-----Original Message-----
From: John Smith [mailto:qwik999 at yahoo dot com]
Sent: maandag 27 oktober 2003 14:39
To: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] System requirements and Checkpoint Securemote
VPN- 1


Joachim
Mind to share what you did to make softclient working?
I am having problems using Nortel VPN client on the
laptop behind the m0n0 except 1 to 1 mapping.
Thanks


--- Christiaens Joachim <jchristi at oce dot be> wrote:
> The problem with IPSec behind "routers" is not the
> routing or firewalling
> mostly, but the way NAT doesn't know to which
> internal client it needs to
> send the replies comming from other VPN endpoint
> (because they are
> encrypted).
> 
> There are som tricks used to make it work (some for
> 1 client, some for
> more). All I know is that the watchguard client
> doesn't work with ex.
> Freesco or Linux pre-2.4 kernels, but it works very
> well with m0n0wall.
> 
> As I said, I will test a tunnel between a watchguard
> and a m0n0 soon, but
> the softclient works...
> 
> Joachim
> 
> -----Original Message-----
> From: Giorgio Catena [mailto:thechain at libero dot it]
> Sent: zaterdag 25 oktober 2003 15:09
> To: Christiaens Joachim
> Subject: Re: [m0n0wall] System requirements and
> Checkpoint Securemote
> VPN- 1
> 
> 
> Christiaens Joachim wrote:
> > I'm not shure what you mean:
> > 
> > -use the Checkpoint client software on one or more
> clients of you homelan
> > like this: <company> --- tunnel --- <firewall> ---
> tunnel ---
> > <vpnclient-soft>
> > 
> > or
> > -use the firewall to connect via a tunnel to your
> company's network and
> give
> > access to your entire homelan
> > like this: <company> --- tunnel --- <firewall> ---
> <homelan>
> > 
> > anyway, both should be possible with m0n0wall. I
> use the watchguard
> (SafeNet
> > sucuremote IPSec) client on a company laptop to
> connect to the company's
> > watchguard firebox 1000. This works very well!
> > In the near future I will be testing the
> watchguard-to-m0n0wall connection
> > (IPSec too), so my homelan can be a part of the
> company-lan.
> > 
> > I'll keep the list informed.
> > Regards,
> > Joachim
> > 
> I intend just the first scheme. My doubt is if it
> works because speaking 
> with the people of the floppyfw project the way the
> client (with the 
> software) bahaves now is not related (by their
> opinion) to the router-fw 
> I'm using. This is what they say but I'm not sure
> and I want to try out 
> something else. The Checkpoint VPN-1 securemote sw
> (for the client 
> connection) is that sort of bad beast without any
> help or other kind of 
> stuff and no settings except few stupid things....
> 
> Any help will be appreciated
> 
> Regards
> 
> 
> 
> -----------------------------------------------
> MISSION STATEMENT 
> -----------------------------------------------
> Oce enables its customers to manage their documents
> efficiently and
> effectively by offering innovative print and
> document management products
> and services for professional environments.
> 
> -----------------------------------------------
> DISCLAIMER 
> -----------------------------------------------
> This e-mail message and any attachment are intended
> for the sole use of the
> recipient(s) named above and may contain information
> which is confidential
> and/or protected by intellectual property rights.
> Any use of the information contained herein
> (including, but not limited to,
> total or partial reproduction, communication or
> distribution in any form) by
> other persons than the designated recipient(s) is
> prohibited.
> 
> If you have received this e-mail in error, please
> notify the sender either
> by telephone (0032-2-729.48.11) or by e-mail and
> delete the material from
> any computer.
> Oce-Belgium/Oce-Interservices is nor responsible for
> the correct and
> complete transfer of the contents of the sent
> e-mail, neither for the
> receipt on due time.  This e-mail message does not
> bring about a contractual
> obligation for Oce-Belgium/Oce-Interservices.
> 
> Thank you for your cooperation.
> 
> For further information about
> Oce-Belgium/Oce-Interservices please see our
> website at www.oce.be
> 
> -----------------------------------------------
> 
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail:
> m0n0wall dash help at lists dot m0n0 dot ch
> 


__________________________________
Do you Yahoo!?
Exclusive Video Premiere - Britney Spears
http://launch.yahoo.com/promos/britneyspears/

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


-----------------------------------------------
MISSION STATEMENT 
-----------------------------------------------
Oce enables its customers to manage their documents efficiently and
effectively by offering innovative print and document management products
and services for professional environments.

-----------------------------------------------
DISCLAIMER 
-----------------------------------------------
This e-mail message and any attachment are intended for the sole use of the
recipient(s) named above and may contain information which is confidential
and/or protected by intellectual property rights.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form) by
other persons than the designated recipient(s) is prohibited.

If you have received this e-mail in error, please notify the sender either
by telephone (0032-2-729.48.11) or by e-mail and delete the material from
any computer.
Oce-Belgium/Oce-Interservices is nor responsible for the correct and
complete transfer of the contents of the sent e-mail, neither for the
receipt on due time.  This e-mail message does not bring about a contractual
obligation for Oce-Belgium/Oce-Interservices.

Thank you for your cooperation.

For further information about Oce-Belgium/Oce-Interservices please see our
website at www.oce.be

-----------------------------------------------