Quote:
Originally Posted by mcnallym  If the network interface of the laptop picks up an address that is in the same range as your internal network (10.1.0.0/20) then the secure client will not attempt to connect to your external IP address as it will determine that the laptop is inside your internal network. |
That's not accurate. I routinely use SecureClient from our plant locations with Office Mode to pick up a known Office Mode address so I can connect to the firewall to manage it. The plant IP ranges are inside the encryption domain.
Quote:
| Office Mode works by assigning an IP address to the Virtual Network Adaptor that is installed on the SecureClient Laptop. However that IP is dynamic and requires that you connect to the gateway first. |
Getting the address does require that you connect first, but you can specify an IP address on a per-user basis by using the ipassignment.conf file.
Quote:
| Office Mode cannot sort out where you are connecting from a network that overlaps with your internal network as it sees you as being internal to your network already. |
It can. The OM IP is tied to the virtual NIC and routed down the tunnel. The IP from the hotel is tied to the real NIC and not routed down the tunnel.
PEMuller, what version of SecureClient are you using? I would highly recommend NGX R60, but not the HFA1 Vista one. The version of SecureClient can be greater than the gateway and it will work fine. I ran SecureClient NGX R60 with an R55 HFA18 gateway for a long time. There were some Office Mode fixes in the later versions.
SecureClient will connect using whatever IP address is assigned to the firewall object in SmartView Dashboard on an R55 gateway.
Ray