RE: Firewall client with vpn

  • From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 28 Jan 2005 06:04:29 -0800

The answer is:
        - it depends...
Case 1 - the FWC is configured to "automatically detect": the FWC will
seek out the ISA it last knew of and if that fails, it will try
auto-detection (wpad).  If that also fails, FWC will self-disable, but
retry every so often.  This leaves the WFC host acting as a SecureNET
client.

Case 2 - the FWC is configured to use a specific ISA: the FWC will
attempt to contact that ISA and if this fails, will block
non-local-subnet Winsock traffic completely.

What this boils down to is if your cross-VPN name resolution sucks, so
will the client experience.

-----Original Message-----
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] 
Sent: Friday, January 28, 2005 2:04 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Firewall client with vpn

http://www.ISAserver.org

 

Howdy

Hypothetical question posed to me before! If a client has a laptop and
has the firewall client installed and is primarily a VPN user, if
he/she/it returns home and wishes to jump on their home net connection,
will the firewall client have to be disabled. Moreover, if the ip
addresses have changed on his laptop, will the firewall client just
'barf' and they will be able to connect without disabling the firewall
client. I don't have the means to test it right now so I guess I need
some help :)

Thanks

Greg

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 01-2005