Problems creating first site using SecuRemote - Firewalls

This is a discussion on Problems creating first site using SecuRemote - Firewalls ; Hi, I'm trying to connect to my office using SecuRemote R56 build 619, on Windows XP Pro SP2 (rebuilt last week so pretty clean). I think there is Nokia/FW-1 at the other end that I'm trying to reach. When I ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: Problems creating first site using SecuRemote

  1. Problems creating first site using SecuRemote

    Hi,

    I'm trying to connect to my office using SecuRemote R56 build 619, on
    Windows XP Pro SP2 (rebuilt last week so pretty clean). I think there
    is Nokia/FW-1 at the other end that I'm trying to reach.

    When I try and define a site, I get asked for the ip address of the
    server, and then use Standard mode and off it goes to try and connect,
    but it times out a few minutes later with the message:

    "Operation timed out. This may have happened because your network
    connection is slow, or because of a communication problem."

    Before I rebuilt the machine, I could connect okay. My machine has
    the same private IP address on my home LAN as it had previuosly, and I
    have made no changes to my wireless router. I have allowed the
    service through both Windows firewall and my personal firewall, Sygate
    SPF. I have tried disabling both firewalls too with no success.
    Other users can connect over the VPN fine, it is only myself who has
    this problem.

    What I would like to know (as I'm not a network engineer) is what
    questions I should be asking the firewall admins at work? Also is
    there any logging I can enable on my SecuRemote client? The admins
    claim that nothing has changed at work, and that they can "see me"
    hitting the firewall and being allowed through.

    Basically, how should I go about faulting this problem, where should I
    look, and what sensible questions can I ask of my busy and overworked
    firewall admins.

    Thanks in advance!


  2. Re: Problems creating first site using SecuRemote

    potatan@gmail.com wrote:

    > my personal firewall, Sygate SPF


    and then you wonder why you're experiencing random network problems?

    > I have tried disabling both firewalls too with no success.


    You cannot disable it without complete uninstallation.

  3. Re: Problems creating first site using SecuRemote

    On 13 Feb, 08:18, Sebastian Gottschalk wrote:
    > pota...@gmail.com wrote:
    > > my personal firewall, Sygate SPF

    >
    > and then you wonder why you're experiencing random network problems?


    Err, thanks for the helpful advice about how to fault the problem. My
    configuration has worked fine with SPF before, but I just uninstalled
    SPF and rebooted just in case - same result.

    Notice that I'm trying to get help on trying to diagnose the problem
    myself rather than saying "d00d! My netowrk thing ain't working can u
    tell me how to fix it pls k thx"

    Cheers


  4. Re: Problems creating first site using SecuRemote

    potatan@gmail.com wrote:
    > Hi,
    >
    > I'm trying to connect to my office using SecuRemote R56 build 619, on
    > Windows XP Pro SP2 (rebuilt last week so pretty clean). I think there
    > is Nokia/FW-1 at the other end that I'm trying to reach.
    >
    > When I try and define a site, I get asked for the ip address of the
    > server, and then use Standard mode


    is that the right mode according to your admins?
    >and off it goes to try and connect,
    > but it times out a few minutes later with the message:
    >
    > "Operation timed out. This may have happened because your network
    > connection is slow, or because of a communication problem."
    >
    > Before I rebuilt the machine, I could connect okay. My machine has
    > the same private IP address on my home LAN as it had previuosly, and I
    > have made no changes to my wireless router. I have allowed the
    > service through both Windows firewall and my personal firewall, Sygate
    > SPF. I have tried disabling both firewalls too with no success.
    > Other users can connect over the VPN fine, it is only myself who has
    > this problem.
    >
    > What I would like to know (as I'm not a network engineer) is what
    > questions I should be asking the firewall admins at work? Also is
    > there any logging I can enable on my SecuRemote client? The admins
    > claim that nothing has changed at work, and that they can "see me"
    > hitting the firewall and being allowed through.


    I doubt "they see" you if you have a "timeout"

    > Basically, how should I go about faulting this problem, where should I
    > look, and what sensible questions can I ask of my busy and overworked
    > firewall admins.
    >

    ask them if, they see your vpnconnection actually established,
    if they dont, they should see an error.

    can you even ping the remote gateway?

    check your ipconfig /all
    before and while you try to connect and send it to them

    the securemote has logfiles under "advanced", send those to your admins.

    M

  5. Re: Problems creating first site using SecuRemote

    1) check with "srfw monitor" if your personal firewall is blocking
    communication with the remote vpn gateway.
    C:\Program Files\CheckPoint\SecuRemote\bin>srfw monitor

    2) quick and dirty:
    copy the userc.C over from another working pc.
    Look at:
    C:\Program Files\CheckPoint\SecuRemote\database

    Br.
    Robby


  6. Re: Problems creating first site using SecuRemote

    I'd do #2 as well. Just remember to stop the Check Point services BEFORE you
    copy it over or it will get overwritten.

    Ray

    "Robby Cauwerts" wrote in message
    news:1171441822.198676.61680@h3g2000cwc.googlegrou ps.com...
    > 1) check with "srfw monitor" if your personal firewall is blocking
    > communication with the remote vpn gateway.
    > C:\Program Files\CheckPoint\SecuRemote\bin>srfw monitor
    >
    > 2) quick and dirty:
    > copy the userc.C over from another working pc.
    > Look at:
    > C:\Program Files\CheckPoint\SecuRemote\database
    >
    > Br.
    > Robby
    >




  7. Re: Problems creating first site using SecuRemote

    On 14 Feb, 18:47, "JJ" wrote:
    > I'd do #2 as well. Just remember to stop the Check Point services BEFORE you
    > copy it over or it will get overwritten.
    >
    > Ray
    >
    > "Robby Cauwerts" wrote in message
    >
    > news:1171441822.198676.61680@h3g2000cwc.googlegrou ps.com...
    >
    > > 1) check with "srfw monitor" if your personal firewall is blocking
    > > communication with the remote vpn gateway.
    > > C:\Program Files\CheckPoint\SecuRemote\bin>srfw monitor

    >
    > > 2) quick and dirty:
    > > copy the userc.C over from another working pc.
    > > Look at:
    > > C:\Program Files\CheckPoint\SecuRemote\database

    >
    > > Br.
    > > Robby


    Thanks for the good responses. I enabled logging and sent the output
    to a colleague but he couldn't fault it from that. I ran the srfw
    monitor and could see plenty of activity (acks etc. from the gateway
    server) which looked okay to me, but still no joy. So I visited the
    office this morning with my laptop and tried from there, still no
    good.

    We went through all the settings together and then spotted that I had
    only installed the SecuRemote option, not the SecureClient, despite
    confirming several times that this was the option I should have been
    using. I guess things look different over one's shoulder to how they
    sound over the phone! A quick reinstall and I managed to configure
    the connection whilst attached to the office LAN, then proved it was
    good by attaching to an external network cable and connecting back in.

    I have a desktop at home which still refused to connect after a
    reinstall, but I took your advice and copied userc.c from my working
    laptop to the desktop PC, and now that works fine too.

    So now I have two machines that can connect, despite having Windows
    Firewall enabled, and my personal firewall switched on. Thanks for
    your help guys, although this means that I will now get asked to do
    more work from home...

    Paul


+ Reply to Thread