NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] RE: [fw1-wizards] bloomberg services



Hi,

The first thing is to assume that you spoke to the right Bloomberg tech
support person and actually have the right information !! 

It took me a couple of days to get the correct information - be careful
since there are two network ranges, one for the direct
router-to-your-network config and one for the Internet based service.

In summary, the following info was the latest I managed to extract from them

The network ranges for router-to-your-network are
	199.105.176.0	255.255.248.0
	199.105.184.0	255.255.254.0
	205.183.246.0	255.255.255.0
	208.134.161.0	255.255.255.0	(Current)

The network ranges for Internet access are
	206.156.53.0	255.255.255.0
	205.216.112.0	255.255.255.0
	
Port ranges are 
	TCP	48129-48192
	UDP	8194-8294

The config that works for me is :-

1. Define all Bloomberg network ranges NET_BLOOM1, NET_BLOOM2, from correct
table above
2. Add all network ranges to a group GRP_BLOOMBERG
3. Create a service BLOOM_TCP 8194-8294
4. Create a service BLOOM_UDP port range 48129-48192
5. Add BLOOM_TCP and BLOOM_UDP "Bloomberg" service group.
6. Create rule on firewall as follows

From			To			Service	Action
Internal_LAN	GRP_Bloomberg	Bloomberg	Accept

This was the smallest hole I could create to allow access without opening up
a hole big enough to drive a tank through 

Hope this helps

Cheers

Tim

-----Original Message-----
From: Ivan Fox [mailto:[email protected]]
Sent: 07 October 2000 02:14
To: Fw1-Wizards (E-mail); fw-1-mailinglist (e-mail)
Subject: [fw1-wizards] bloomberg services


We are trying to setup a couple users to use bloomberg finanical news.  The
dedicated software requires a series of 100 udp ports and 50 tcp ports open.
For instance, the udp ports are 48100 to 48200 and tcp ports are 4920 to
4970.

Talked to Check Point (gold) technical support.  Two "specialists" offered
two different answers.  One said that we should use the source port range in
the workstation object.  The other said we need to use port range instead of
workstation object.  Confused and the solution is not working.  Any
suggestions are appreciated.

>From the firewall log, we could see the firewall has accepted the packets,
but no response from bloomberg servers.  However, when we telnet using a
defined port, e.g., 4921.  The bloomberg servers responsed!

There is only one rule saying "any" "bloomberg servers" "tcp-port range and
udp-port range" "accept".

Your comments/suggestions are badly needed.

Regards,

Ivan


---------------------------------------------------------------------
This email came from the FireWall-1 Wizards Mailing List
To unsubscribe, e-mail: [email protected]
For more information, email: [email protected]
************************************************************************
The information in this email is confidential and is intended solely
for the addressee(s).
Access to this email by anyone else is unauthorised. If you are not
an intended recipient, you must not read, use or disseminate the
information contained in the email.
Any views expressed in this message are those of the individual sender,
except where the sender specifically states them to be the views of
The Capital Markets Company.

http://www.capco.com
***********************************************************************



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents � 2003 Network Presence, LLC. All rights reserved.