|
Home > Archive > VPN > November 2006 > A question about Checkpoint firewall and Telnet over VPN
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
A question about Checkpoint firewall and Telnet over VPN
|
|
| apsolar@gmail.com 2006-11-05, 7:13 pm |
| Hello
I have been trying different options to resolve an issue with a remote
site VPN tunnel. I have the tunnel up and working. I have tried using
IPSEC with low,medium and strict security profile.
Since I am using Shiva VPN devices, I have tried using their Shiva
Smart Tunnels too. They all work fine. I can perform all the normal
operations like file copy, establish VNC sessions and browse interent
too. The only problem is with the telnet session from that remote site
to another site which goes through my comapny LAN. The telnet session
works fine from the internal company LAN, but it doesnt work from that
remote site. It starts of well allowing the users to log in, but once
they log in, it freezes up.
Initially I assumed this was caused by the encryption, but later on
found out that its the checkpoint firewall on the company side that
casues this problem. I am sure about this because I tried a different
VPN connection via an ADSL connection that connected to the company LAN
without going throught firewall. It worked perfectly fine allowing the
telenet session.
Could anybody tell me what settings on checkpoint would resolve this
issue.
thanks
Ankit
| |
|
| Do you have a long login banner on that telnet system they are connecting
to?
Ray
<apsolar@gmail.com> wrote in message
news:1162763110.560169.214630@m7g2000cwm.googlegroups.com...
> Hello
>
> I have been trying different options to resolve an issue with a remote
> site VPN tunnel. I have the tunnel up and working. I have tried using
> IPSEC with low,medium and strict security profile.
> Since I am using Shiva VPN devices, I have tried using their Shiva
> Smart Tunnels too. They all work fine. I can perform all the normal
> operations like file copy, establish VNC sessions and browse interent
> too. The only problem is with the telnet session from that remote site
> to another site which goes through my comapny LAN. The telnet session
> works fine from the internal company LAN, but it doesnt work from that
> remote site. It starts of well allowing the users to log in, but once
> they log in, it freezes up.
> Initially I assumed this was caused by the encryption, but later on
> found out that its the checkpoint firewall on the company side that
> casues this problem. I am sure about this because I tried a different
> VPN connection via an ADSL connection that connected to the company LAN
> without going throught firewall. It worked perfectly fine allowing the
> telenet session.
>
> Could anybody tell me what settings on checkpoint would resolve this
> issue.
>
> thanks
> Ankit
>
| |
| apsolar@gmail.com 2006-11-06, 7:13 pm |
| yes, the login banner is as long as 10 lines.
Ankit
Ray wrote:[vbcol=seagreen]
> Do you have a long login banner on that telnet system they are connecting
> to?
>
> Ray
>
> <apsolar@gmail.com> wrote in message
> news:1162763110.560169.214630@m7g2000cwm.googlegroups.com...
| |
| apsolar@gmail.com 2006-11-06, 7:13 pm |
| yes, the login banner is as long as 10 lines.
Ankit
Ray wrote:[vbcol=seagreen]
> Do you have a long login banner on that telnet system they are connecting
> to?
>
> Ray
>
> <apsolar@gmail.com> wrote in message
> news:1162763110.560169.214630@m7g2000cwm.googlegroups.com...
| |
| apsolar@gmail.com 2006-11-06, 7:13 pm |
| yes, the login banner is as long as 10 lines.
Ankit
Ray wrote:[vbcol=seagreen]
> Do you have a long login banner on that telnet system they are connecting
> to?
>
> Ray
>
> <apsolar@gmail.com> wrote in message
> news:1162763110.560169.214630@m7g2000cwm.googlegroups.com...
| |
| apsolar@gmail.com 2006-11-06, 7:13 pm |
| yes, the login banner is as long as 10 lines.
Ankit
Ray wrote:[vbcol=seagreen]
> Do you have a long login banner on that telnet system they are connecting
> to?
>
> Ray
>
> <apsolar@gmail.com> wrote in message
> news:1162763110.560169.214630@m7g2000cwm.googlegroups.com...
|
|
|
|
|