[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Simple Nat/Security Rule BASe
Most of the documentation you will find will have sentences seperated out using punctuation. This is a standard, but if you are not used to it, you may find it obscures some quite useful information. These are the steps: 1. Create a firewall object. This is a workstation object defined as being an internal gateway with Firewall-1 installed. 2. Create a network object that encompasses the internal network your five machines are on. 3. Add the following policy rules: Source Destination Service Action Log Internal_network Any http (etc) Accept Long Any Any Any Drop Long (the first rules service column should include all services you want outbound) (the second rule drops anything else) 4. Add a translation rule: Src Dest Service Src Dest Service Internal_network Any Any Firewall (hide) Orig Original 5. Install. Now suppose you muddle through this and install the policy, and you find people can surf. Ask yourself this question: you have been tasked with securing the network from the internet. How do you know that you have accomplished this? I heartily recommend you embark on some training of some sort. Good luck, Paul Murphy. -----Original Message----- From: Rodrick Brown [mailto:[email protected]] Sent: 11 October 2000 02:40 To: [email protected] Subject: [FW1] Simple Nat/Security Rule BASe Hey guys just got checkpoint fw installed anyone here know of a simple conf I can use to secure my companys lan simple network 5 machines we want to do nat I cant seem to find any good documentation if anyone knows anything please let me know please cc a copy of your reply to [email protected] thanks. ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== --------------------------------------------------------------------------------- This e-mail is intended only for the above addressee. It may contain privileged information. If you are not the addressee you must not copy, distribute, disclose or use any of the information in it. If you have received it in error please delete it and immediately notify the sender. evolvebank.com is a division of Lloyds TSB Bank plc. Lloyds TSB Bank plc, 71 Lombard Street, London EC3P 3BS. Registered in England, number 2065. Telephone No: 020 7626 1500 Lloyds TSB Scotland plc, Henry Duncan House, 120 George Street, Edinburgh EH2 4LH. Registered in Scotland, number 95237. Telephone No:Lloyds TSB Bank plc and Lloyds TSB Scotland plc are regulated by the Personal Investment Authority and represent only the Scottish Widows and Lloyds TSB Marketing Group for life assurance, pensions and investment business. Members of the UK Banking Ombudsman Scheme and signatories to the UK Banking Code. ---------------------------------------------------------------------------------- ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|