[VPN] RE: SecureClient VPN + Hummingbird Exceed, NG FP3 RESOLVED!!
Ueckert, Samuel D.
samuel.ueckert at unocal.com
Fri Jan 17 09:58:54 EST 2003
I wanted to thank everyone for their input on this problem. I resolved
this issue by adding an explicit rule to allow X11 to the Office Mode
subnet. I already had an 'Any' rule that I thought would take care of
the traffic, but it turns out that X11 is not part of the 'Any' services
group.
I have included the relevant kb article below.
Environment: VPN-1 NG FP3, FireWall-1 NG FP3, SecureServer NG FP3, X-11,
Smart DashBoard, Service, match for "any"
Symptoms:
X11 is blocked although the rulebase allows it
Cause:
X11 is blocked by default when it is matched with rule that has "any" as
the service.
Solution:
Use a rule above the "any" service rule explicitly using the X-11
service or revert to the previous behavior by setting the
"reject_x11_in_any" global property to false using dbedit. This property
was added for compatibility reasons, it is not recommended to change its
default value.
Best Regards,
Sam Ueckert.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/vpn/attachments/20030117/eeeeef43/attachment.htm
More information about the VPN
mailing list