Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SecureClient traffic to DMZ and problem with Office Communicator 1

Status
Not open for further replies.

RegTellis

MIS
Jul 10, 2006
40
US

Another minor annoyance that I am wondering if someone might have some suggestions for:

1. I am unable to ping anything on my DMZ from my secureclient. Am I missing something in my policy somewhere?

2. I notice that if I use my office communicator through the vpn, all the attributes of it that I normally enjoy when connected to the LAN, I do not have within the VPN. For example, all the corporate address book information does not show up like it does on the lan but I can still do the basic stuff like IM and data share, etc.?
 
Is your DMZ defined as part of the 'encrypted domain'? If it isn't then this is the problem.
 
Hmmnnn, that makes some kind of sense, i suppose, but i am at a loss as to where exactly I would add/define my DMZ as part of the encrypted domain?
 
Try right-clicking on the fw object and choose edit. Look in the right pane and choose topology. Look towards the bottom on the right. There, you should find the vpn encryption domains (that you have previously defined, right ?) The network for your dmz should be in that encrypted domain. You're telling Checkpoint, these are the private networks native to my fw.

Your rule should look something like this:

src destination vpn service
vpn group encyption domain vpn community any

Hope this helps.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top