Search results for query: *

I did read the above information. My assupmtion, which could be wrong, is that the reason that ICS is not supported is due to the fact that it is insecure, say to session hijacking. Other vpn clients may or may not follow the same standards that the Symantec client does. The fact that the esp...

i am assuming you are seeing these errors in the NT logfiles. What does the firewall logfile say?

The vpn client drops all broadcast traffic which is what MS uses. Make sure that the ports are set to wide open on the vpn client through the gui. Also remember that network browsing, in it's own right, has problems. You may want to think about using a lmhosts file and preloading wins and pdc...

I would verify the configuration of the tunnel and make sure you have all the latest hotfixes. The tunnel should work. Stiles is right, check the knowledge base.

lanceja, What you are seeing is not a firewall problem. Requests are coming in from internal machines for that address. No doubt in your changing the clients there is still reference to the old address. I would take on of the hosts that is generating this error message and go through it's...

are you using NT domain authentication?

Microsoft's ICS is not supported with the VPN client.

You may have a conflict between outgoing and incoming add transforms. What do you need the outgoing for. As far as users connecting to your WWW server from internet the maintain client original is enough. It also allows tracking if neccesary for post-mortum analysis. What is this nat pool...

There are a few possibilities. First of all what does the firewall log say when RM clients try to connect. You say that the exchange server can ping the FW. Can the FW ping the exchange server? How are your address transforms set up? If you are using the gateway's address then that may...

I would start to troubleshoot by answering the following questions. Can you ping the exchange server through the tunnel? Is the default gateway of the exchange server the firewall? Routing in place? Are you going through the proxies for the tunnel? What services did you allow in the rule if...

Httpd is not providing the same function from the firewall as it does from behind the firewall. Httpd is logging the traffic, you are right, but you are not bound to the httpd controls and proxy characteristics as you are from behind the firewall.

getting there from the firewall should happen anyways. The firewall itself is not bound to the rules that affect systems behind it.

Good one. I've heard of problems with esmtp and raptor which I think may be a similiar issue. There are ways to pass the traffic that you are passing with raptor but due to the fact that it is a proxy based firewall and not a simple packet filter I think that it is going to require some extra...

Check your manual. There are plenty of directions on how to set up the VPN based on your particular network. Like any VPN you need two endpoints, two secure gateways, and a vpn policy.

Read your manual on how to run a tcpdump. Check and confirm that packets are coming and going from both the internal client and the firewall and from the firewall to the extenal server. There might be some kind of port translation either going on or lacking. Identify the ports that the...

If this app is accessed using a browser what you want to do is open additional http ports within: proxy services--->httpd--->additional http (or https) ports. Then within your rule add http* to included services. Before you do any of this thhough I would delete the gsp that you created and...

This may have something to do with your version of IE. What does the logfile on the firewall say. Taking the verisign out of the picture, can you connect? What services are you redirecting? Within in your re-direct rule you should have the http* selected for included services and if you...

itrix uses ports 1494tcp and 1604udp. Therefore, protocols and gsps must be created for those ports. A rule, containing those gsps, must also be created to permit access from outside to the Citrix server on the protected network. Next, create two redirects for those services pointing to the...

what are you trying to do? Can you be more specific?

I have come to a conclusion and resolved my issue. The problem was that the DSL users were behind a nexlan box. The default setting for nexlan and say linksys for internal clients if the dhcp service is running is to use an internal dhcp scope of 192.168.0.x. The problem arises when a client...