List Info

Thread: NAT or Routes?
NAT or Routes?
user name
 2006-11-29 21:14:20 
both behaviors should work and all would be reduced to
routes and ACLs on your routers (as well as rules on your
firewall policy), but I personally would only route a
certain ip range or hosts to log in to these routers, you
wouldn't like everybody logging in to them... and I would
definitely NAT my internal IP (or the range allowed to log
in to them, indiviadualy) to keep track of the activity from
these two routers and only have external IPs logged. Oh, and
remember... always use SSH... u wouldn't like your users and
passwords flowing in plain text over the cables, hehehe...

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLISTAMADEUS.US.CHECKPOINT.COM]
On Behalf Of Martine Pablo
Sent: Wednesday, November 29, 2006 12:21 PM
To: FW-1-MAILINGLISTAMADEUS.US.CHECKPOINT.COM
Subject: [FW-1] NAT or Routes?

hello, help?

i have the followiny situation:
                     -- 
    ROuter A---------|s|----FW---------LAN
    Router B---------|w|
                     |i|
                     |t|
                     |c|
                     |h|
                      - 

From the Lan to router, i can acces to any router.
I have to do NAT, or i can manage making routes ?

Thanks

-----Mensaje original-----
De: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLISTAMADEUS.US.CHECKPOINT.COM]
En nombre de Sean Donaghey/HDGH
Enviado el: Miércoles, 29 de Noviembre de 2006 01:51 p.m.
Para: FW-1-MAILINGLISTAMADEUS.US.CHECKPOINT.COM
Asunto: [FW-1] SMC Router & VPN problems

We have a few users that have some older SMC 7004ABR
routers, that were 
working just fine with SecureClient, but now they do not. 
The clients 
behind the router connect to the firewall with no problems
at all, but 
cannot ping or access anything behind the firewall.  I have
tested this 
myself, and have noticed the same.  If I replace the router
with a 
different one (Linksys or Netgear), the problem goes away. 
I have updated 
the topology on the client, and that did not matter.

Does anyone have an idea on what to look at?  There is no
MTU option on 
the router to change, and I have tried some of the TCPIP
tweaker progs out 
there to change the MTU on the client, but that did not
work.

Thanks,

Sean



The information contained in this e-mail message is
confidential and 
protected by law.  The information is intended only for the
person or 
organization addressed in this e-mail.  If you share or copy
the 
information you may be breaking the law.  If you have
received this e-mail 
by mistake, please notify the sender of the e-mail by the
telephone number 
listed on this e-mail.  Please destroy the original; do not
e-mail back 
the information or keep the original.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERVamadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http:
//www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-ownerts.checkpoint.com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERVamadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http:
//www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-ownerts.checkpoint.com
=================================================

____________________________________________________________
__________
This e-mail has been scanned by MCI Managed Email Content
Service, using Skeptic(tm) technology powered by
MessageLabs. For more information on MCI's Managed Email
Content Service, visit http://www.mci.com.
____________________________________________________________
__________
--------------------------------------------------------


          TELVISTA CERTIFIED

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERVamadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http:
//www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-ownerts.checkpoint.com
=================================================
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )