RE: [FW1] Exchange Services dropped by rule 0




Do you have your interface direction set to inbound, outbound or eitherbound?



Andy David
J. Muller International / Egis, Inc.




-----Original Message-----
From: Mark Holman [mailto:[email protected]]
Sent: Wednesday, September 20, 2000 11:17 PM
To: '[email protected]'
Subject: RE: [FW1] Exchange Services dropped by rule 0



 I have disabled anti-spoofing on all three interfaces and I still get the
entries in the log.  The only router is the one set up by our Internet
provider, but even if the latter is the case and anti-spoofing is disabled
it should not matter how the router is configured.

Thanks

-----Original Message-----
From: Wayne Graves
To: 'Mark Holman'
Sent: 9/20/00 8:09 PM
Subject: RE: [FW1] Exchange Services dropped by rule 0

Is spoofing turned off?

Rule zero are the internal rules. Check the interface this is failing on and make sure either spoofing is off or that the target address is in the list. The one other thing that can do this is if you are going thru a router and the route to the destination is either undefined (with default back to the firewall) or otherwise pointed back to the firewall (this assumes spoofing on and correct). In this case the packet goes out fine but gets bounced off the router and when it comes back the firewall decides it's a spoof since it thinks it's coming from the firewall.

Any of that make sense? Rule 0's are implicit rules, I can't think of anything but spoofing that would be doing this but you can see more of what's going on than I.

Good Luck
Wayne

-----Original Message-----
From: Mark Holman [mailto:[email protected]]
Sent: Wednesday, September 20, 2000 2:43 PM
To: '[email protected]'
Subject: [FW1] Exchange Services dropped by rule 0



Let me try this again without the tabs, so it is legible.

We have one FW with a localnet and a DMZ behind the FW with Exchange server sitting in the DMZ. I have set up the Directory Service and Information Store used by Exchange and Outlook clients to use two specific high numbered ports called DirStore and InfStore. Everything appears to be working okay, but the log is filling up with the following entries that are being blocked by rule 0. With Valid IP meaning the Valid IP assigned to the NIC on the external interface of the FW and Random Ports are just that - the ports vary between each log entry.

Origin        Valid IP
Service       Exchange_DirSer
Source        Local PC
Destination   Exchange Srv
Proto         tcp
Rule          0
S_Port        random ports

And many combinations of the above all dropped by rule 0. All with Origin "Valid IP".

Again, all appears to be working okay, but the log will fill up in minutes.

Any insight would be appreciated.



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
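
Added illustration, not part of the thread and not Check Point code: a toy model of the router-bounce case Wayne describes, where a packet leaves the firewall, is routed back by the upstream router, and is then dropped by the anti-spoofing check on the external interface. All addresses, the router table, the function names and the hide-NAT behaviour are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed topology (assumption): documentation and private ranges only.
FW_EXTERNAL_IP = ip_address("192.0.2.1")
VALID_SOURCES = {
    "internal": [ip_network("10.1.0.0/24")],
    "dmz": [ip_network("10.2.0.0/24")],
}
PROTECTED = [net for nets in VALID_SOURCES.values() for net in nets]
# Hypothetical upstream router table: it knows exactly one remote network.
ROUTER_ROUTES = {ip_network("198.51.100.0/24"): "upstream"}
ROUTER_DEFAULT = "firewall"  # misconfigured default pointing back at the firewall


def antispoof_verdict(iface, src):
    """Return 'accept' or 'drop' for a packet arriving on iface with source src."""
    src = ip_address(src)
    if iface == "external":
        # Nothing arriving from outside may claim an inside or firewall address.
        spoofed = src == FW_EXTERNAL_IP or any(src in n for n in PROTECTED)
    else:
        spoofed = not any(src in n for n in VALID_SOURCES[iface])
    return "drop" if spoofed else "accept"


def router_next_hop(dst):
    """Longest-match is unnecessary here: the toy table has a single route."""
    dst = ip_address(dst)
    for net, hop in ROUTER_ROUTES.items():
        if dst in net:
            return hop
    return ROUTER_DEFAULT


def trace_outbound(src, dst):
    """Follow one outbound packet; return (interface, direction, verdict) events."""
    events = [("internal", "in", antispoof_verdict("internal", src))]
    if events[-1][2] == "drop":
        return events
    # Assumption: outbound traffic is hidden behind the firewall's external IP.
    natted_src = str(FW_EXTERNAL_IP)
    events.append(("external", "out", "accept"))
    if router_next_hop(dst) == "firewall":
        # The router bounces the packet; it re-enters on the external interface
        # carrying the firewall's own address as its source.
        events.append(("external", "in", antispoof_verdict("external", natted_src)))
    return events
```

In this model the fix is on the router (a correct route for the destination), not on the firewall: the drop on re-entry is the anti-spoofing check doing what it is configured to do.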

