Search results for query: *

You can just autorize any user to go to your web server via a security rules plus a nat rules that allow you to access web server. Otherwise you have the fonctionnality of the Authority server that allow you to identifie user and allow them to access to a web server inside the VPN domain...

this is not checkpoint which do this ! This is IIS or your redirection ! LaNceLoT

You don't have anything in The Global Properties on the Policy Server. But you can have on an object the possibility to select if the gateway have a policy server. Ok this is done like this but in the SmartStatus the policy server is pointed "! Down". And when i install the module on the Nokia...

Hi, I've got a problem with my policy server. I install Checkpoint VPN-1 pro on a Nokia IP120 and in the SmartStatus on the management server which are not on the nokia IP120 say that the policy server is down. I don't see anywhere something to install policy server on the Nokia ?????? Can i...

Hi, I've got a problem with my policy server. I install Checkpoint VPN-1 pro on a Nokia IP120 and in the SmartStatus on the management server which are not on the nokia IP120 say that the policy server is down. I don't see anywhere something to install policy server on the Nokia ?????? Can i...

Euh... yes think it's implicit on the checkpoint firewall. while your trying to access to ftp from any port the answer will be on the good por. No need of port forwarding ! Port forwarding server when you want the next exemple : you have a kind of server somewhere where all people going to...

i have had almost the same error with 2 Nokia IP120 and checkpoint NG AI. And the probleme is that the management server on that i'm trying to ping in the other side was static NAT and wasn't a part of the VPN domain. So the encryption failed ! You can try ping from an other workstation or...

It's not really precise in your print, we can't really understand what is the real NAT between what and what. Otherwise if it's just port-mapping proceed like that for your exemple : ORIGINAL PACKET Source: 172.31.0.0/24 Destination: 192.168.1.0/24 Service: any (you can't specify a range)...

Hello, I'm trying to connect a secure client to my VPN (works fine now :-) ) and it's work well exept for the policy server. In my SmartStatus i've write that the policy server is down ! And nowhere in documentation i've seen how to start or enable policy server. Where can i enable or start...

think you take one to one rules and put it in a new firewall server ! LaNceLoT

Ok i have solve my probleme by adding a virtual log server at the adresse of the static NAT of the real management server to have the return of the log. For the VPN the probleme is that the management server was not a part of the VPN domain. The VPN work fine with other machine. So to solve it...

Do your SIC work fine beetween enforcement module and mangement server even if the policy are install ? Do you have define the management server as the master and the log server in the gateway configuration ? Do the management address IP need route to be access from the module ? if it is that...

If you use double address IP on a interface (don't know if it that) the second adress IP work sometimes and sometimes don't. And i don't know why but it can be the probleme ! If it's not the probleme, see the log (SmartTracker) and tell us what is writen. LaNceLoT

Hello, I'm going to explain you my probleme. I've got 2 Nokia IP120 and checkpoint NG AI. I install 2 module firewall-1 VPN-1 on each gateway and the management server on a local interface of one Nokia appliance. The second Nokia can be connected to the management server after putting policy...

It seems to be a SMTP server. There is a smtpd in the module fw-1 VPN-1 and the documentation tell us about a window configuration that i dont find on the management server. And there is some configuration on each gateway. So i'm sorry to not be sure but it seems to be a SMTP server. LaNceLoT

The domain of each gateway in the VPN are define as the local network of each one. Manually define as network 10.0.0.0/24 for the local Nokia and 10.0.1.0/24 for the remote Nokia. I've got a probleme from the beginnig with the licences cause my reseller make mistake so we don't have for now...

i ve something more. I active the debug of the VPN on the Nokia like this : vpn debug on and vpn debug IKE on. And i ve got the next message on the hyperterminal : community_logid_from_community_id: unable to find entry in communites_names .....my bad.... my boss put me pressure .... arghhhhh...

For the VPN communites i have got this configuration : IKE 3DES/MD5 IPSEC 3DES/MD5 I use IPSEC in perfect forward secrecy I ve disable and enable the NAT inside the VPN communites In each gateway i support use of pre-shared Secret and public key Support NAT traversal mechanism with port...

an other error message is when i try to ping the remote Nokia from the management server the error is : encryption failure : cannot calculate IKE ranges any idea is welcome ! LaNceLoT

Hello, I've got 2 module firewall-1 VPN-1 install on 2 Nokia IP120. I've the management server on the local interface on one Nokia. I've got a rule that make static NAT with a virtual adress to the mangement server. The external interface of the Nokia is the IP of 212.81.126.2 and my static NAT...