Recent content by billhome

I did read the above information. My assupmtion, which could be wrong, is that the reason that ICS is not supported is due to the fact that it is insecure, say to session hijacking. Other vpn clients may or may not follow the same standards that the Symantec client does. The fact that the esp...

i am assuming you are seeing these errors in the NT logfiles. What does the firewall logfile say?

The vpn client drops all broadcast traffic which is what MS uses. Make sure that the ports are set to wide open on the vpn client through the gui. Also remember that network browsing, in it's own right, has problems. You may want to think about using a lmhosts file and preloading wins and pdc...

I would verify the configuration of the tunnel and make sure you have all the latest hotfixes. The tunnel should work. Stiles is right, check the knowledge base.

lanceja, What you are seeing is not a firewall problem. Requests are coming in from internal machines for that address. No doubt in your changing the clients there is still reference to the old address. I would take on of the hosts that is generating this error message and go through it's...

are you using NT domain authentication?

Microsoft's ICS is not supported with the VPN client.

You may have a conflict between outgoing and incoming add transforms. What do you need the outgoing for. As far as users connecting to your WWW server from internet the maintain client original is enough. It also allows tracking if neccesary for post-mortum analysis. What is this nat pool...

There are a few possibilities. First of all what does the firewall log say when RM clients try to connect. You say that the exchange server can ping the FW. Can the FW ping the exchange server? How are your address transforms set up? If you are using the gateway's address then that may...

I would start to troubleshoot by answering the following questions. Can you ping the exchange server through the tunnel? Is the default gateway of the exchange server the firewall? Routing in place? Are you going through the proxies for the tunnel? What services did you allow in the rule if...

Httpd is not providing the same function from the firewall as it does from behind the firewall. Httpd is logging the traffic, you are right, but you are not bound to the httpd controls and proxy characteristics as you are from behind the firewall.

getting there from the firewall should happen anyways. The firewall itself is not bound to the rules that affect systems behind it.

Good one. I've heard of problems with esmtp and raptor which I think may be a similiar issue. There are ways to pass the traffic that you are passing with raptor but due to the fact that it is a proxy based firewall and not a simple packet filter I think that it is going to require some extra...

Check your manual. There are plenty of directions on how to set up the VPN based on your particular network. Like any VPN you need two endpoints, two secure gateways, and a vpn policy.

Read your manual on how to run a tcpdump. Check and confirm that packets are coming and going from both the internal client and the firewall and from the firewall to the extenal server. There might be some kind of port translation either going on or lacking. Identify the ports that the...