Checkpoint client

  • From: "Sam Chapman" <adminone@xxxxxxxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 21 Jan 2004 16:40:53 -0800

Thanks Jim, yeah I read the ISA and Beyond book, most of the Articles in the
isaserver.org and some other material with no luck to get the checkpoint
client to pass thru ISA. But at least now I know that it probably won't
work. Anyways, I will just find alternative ways to connect to the check
point server. 

Thanks Jim

Sam

-----Original Message-----
From: Sam Chapman [mailto:adminone@xxxxxxxxxxx] On Behalf Of Administrator
Sent: Wednesday, January 21, 2004 4:36 PM
To: '[ISAserver.org Discussion List]'
Subject: RE: [isalist] Checkpoint client

Thanks Jim, yeah I read the ISA and Beyond book, most of the Articles in the
isaserver.org and some other material with no luck. But I least now I know
that it probably won't work anyways so I will just find alternative ways to
connect to the check point server. Once again thanks for the feed back.

Sam

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: Tuesday, January 20, 2004 10:31 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Checkpoint client

http://www.ISAserver.org

(changing the subject for you)

Many IPSec clients fail behind ANY NAT device, not just ISA.
Supposedly, there is a specific version of hte Cisco VPN client that
supports NAT traversal.

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!


On Tue, 20 Jan 2004 18:06:22 -0800
 "Sam Chapman" <adminone@xxxxxxxxxxx> wrote:
http://www.ISAserver.org

Hi all,

Not to change subjects or anything but it is amazing that I have yet to
speak or hear from anyone that has successfully run a secure remote
checkpoint client behind ISA. Rumors are ISA changes the packet header and
drops all incoming communication regardless if it is destined to a firewall
or a secure Nat client, and regardless of the Ip packet filters or protocol
rules that one might have setup. The question here is does ISA really allow
communication between a secure remote client corporate office? I have tried
it myself, opening all possible ports, creating filters and protocol rules
did not work.

Thank you all,

Sam

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Sent: Tuesday, January 20, 2004 4:18 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: UPS Worldship

http://www.ISAserver.org

Hi Michael,

I'm getting a 403 to that site regardless of Web Proxy client config or
not.

Tom 

-----Original Message-----
From: Michael Weber [mailto:mweber@xxxxxxxxxxxx] 
Sent: Tuesday, January 20, 2004 11:52 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: UPS Worldship

http://www.ISAserver.org

I am running that version, and that is the article I followed.

The only other weird thing that is happening is that when I try to
access https://www.uoss.ups.com/ from IE I sometimes get a 403 error,
sometimes I get the login screen, and sometimes I get an internal UPS
website error ("A recursive error was detected").  It seems to me that I
should never get an error if I just try to access the site from a web
browser.

Michael Weber

-----Original Message-----
From: Fares Rihani (Personal) [mailto:Fares@xxxxxxxxxx]
Sent: Tuesday, January 20, 2004 12:36 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: UPS Worldship

http://www.ISAserver.org

Michael,

Make sure you are running the latest version. I have no problems running
under 5.0.37.  I had connection problems before upgrading so it is worth
a shot.  

Here is the article for direct connection that I used.  
http://www.isaserver.org/tutorials/Configuring_Web_Proxy_Clients_for_Dir
ect_Access.html

Is that how you configured your setup?

Fares Rihani



-----Original Message-----
From: Michael Weber [mailto:mweber@xxxxxxxxxxxx]
Sent: Tuesday, January 20, 2004 12:40 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: UPS Worldship


http://www.ISAserver.org

I do have the direct connection in UPS enabled, and I have tried it with
a proxy and without.  With the proxy enabled, I still get the "Peer's
certificate has an invalid signature" error.  It just occurs after a
connection to the proxy server is made.  The entry in the web proxy ISA
log says that it made the connection; however, it returns a 64 error
code (The specified network name is no longer available).

Michael Weber


192.168.0.26, anonymous, ICCTest_http/1.0, N, 1/20/2004, 12:02:26,
w3proxy, <server>, -, www.uoss.ups.com, 153.2.73.100, 443, 0, 52, 1752,
SSL-tunnel, TCP, -, www.uoss.ups.com:443, -, Inet, 64, 0x0, Internal
access, Allow rule




------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
fares@xxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
mweber@xxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
adminone@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
adminone@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 01-2004