Yossi,
1. Office mode addresses can't be part of the encryption
domain.
2-3. Use dhcp. With fixed mac-to-ip settings if you need
static ip's.
dhcp also has other benefits. Office mode will probably be
good for you.
Sofaware boxes support office mode now, but are limited in
many other
ways compared to vpn-1.
Lars
> -----Original Message-----
> From: Mailing list for discussion of Firewall-1
> [mailto:FW-1-MAILINGLIST AMADEUS.US.CHECKPOINT.COM]
On Behalf
> Of Jaja Banks
> Sent: 29. november 2006 22:25
> To: FW-1-MAILINGLISTAMADEUS.US.CHECKPOINT.COM
> Subject: [FW-1] Office Mode and Vmware machines with
local IP
> addresses
>
> Hi everyone,
> I have an unusual setup in one of our branch offices,
and I
> can't figure out whether Check Point's VPN gateway will
work for me.
>
> The entire office is NAT'ed behind a local Linux
Firewall
> right now ( 192.168.x.x).
> There are multiple servers internally that all have
local IP
> address ( 192.168.x.x).
>
> Engineers that work in this office have laptops with
local
> addresses, at home they either use the same addresses,
or
> wireless (non-conflicting addresses).
>
> Each engineer has Vmware machines on their laptops, all
of
> which also have addresses in the local range
(192.168.x.x) so
> that when they're in the office, everything works well.
>
> What I want to happen - I'd like to use SecureClient on
the
> laptops, and have the engineers connect from home (VPN)
to
> the Firewall, and then use their VMware machines to
access
> internal resources (like CVS servers, FTP servers,
etc). I
> want to avoid forcing the engineers to change networks
in
> their VMware machines every time they come home...
>
> My questions:
> 1. Does Office Mode support this configuration? Will I
need
> some more tweaking with the local IP ranges?
> 2. If the answer to (1) is yes - what is the
"smallest" Check
> Point VPN device that will support this? (Sofaware,
VPN-1
> edge, or full blown VPN-1?) 3. If the answer to (1) is
no -
> what should I change on this LAN in order to make it
work
> both in and out of the office with the VMware machines,
with
> Office Mode?
> Thanks in advance...
> Yossi
> <FW-1-MAILINGLISTAMADEUS.US.CHECKPOINT.COM>
>
> =================================================
> To set vacation, Out-Of-Office, or away messages, send
an
> email to LISTSERVamadeus.us.checkpoint.com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http:
//www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
subscription
> options, email fw-1-ownerts.checkpoint.com
> =================================================
>
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERVamadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http:
//www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-ownerts.checkpoint.com
=================================================
|