Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] 'Exceeded allowed number of internal hosts' while not t rue.

To: Seb Mills <[email protected]>, [email protected]
Subject: RE: [FW1] 'Exceeded allowed number of internal hosts' while not t rue.
From: "Zelck, Guy" <[email protected]>
Date: Fri, 24 Nov 2000 16:09:50 -0000
Sender: [email protected]

Seb,

Reply 2:

I just got news from my local reseller. The cause is a bug that came along
with SP2.
The solution is that they will apply for a hotfix near Checkpoint.
So, I guess you have to see with your local reseller to get it.

Cu,

Guy.



> -----Original Message-----
> From: Seb Mills [mailto:[email protected]]
> Sent: vrijdag 24 november 2000 10:36
> To: Zelck, Guy
> Subject: Re: [FW1] 'Exceeded allowed number of internal 
> hosts' while not
> true.
> 
> 
> Guy,
>          I've come across this and am also looking for an 
> answer. Do you 
> have your rules applied to the interfaces 'Eitherbound' or 
> only 'Inbound' ?
> 
> I have found that fw lichosts also produces the same result, 
> just one entry 
> which actually looks like a log entry.  I've found this 
> packet appears in 
> the log at the same time the ctl entry complaining about 
> licensing shows 
> up. I thought lichosts was meant to simply show a list of all 
> protected IP 
> addresses ?
> 
> Deleting /database/fwd.h and fwd.hosts and restarting the 
> service obviously 
> clears the table, but still the problem reoccurs.
> 
> Have you had any success in solving this ?
> 
> Seb Mills
> 
> At 08:29 22/11/2000 +0000, you wrote:
> 
> >Hi everyone,
> >
> >I've got this FW1 4.1, licensed for 25 int. hosts, installed 
> on an NT4.0 +
> >SP6a with only 4 internal hosts.
> >Normal operation is fine but every mth. there are a couple 
> of hosts added to
> >the fw's internal hosts list that shouldn't be.
> >Since I only have a license for 25 this limit is reached 
> fairly quickly.
> >
> >Doing 'fw lichosts' reveals lines like the following (real 
> addresses have
> >been replaced):
> >E100 10/11/2000 20:17> host:4.3.2.1 src:1.2.3.4 dst:11.12.13.14
> >(an_internal_host (Valid Address)) proto:icmp
> >
> >As you can see, the host: entry is the reverse of the dst: 
> entry and makes
> >no sense. Yet it's counted as an internal host (I presume).
> >The host 'an_internal_host' has a rule to allow icmp.
> >
> >There's no detailed explanation to be found in the docs 
> about the output of
> >'fw lichosts'.
> >
> >Has anyone come across this? Any idee what could be going on?
> >
> >Guy Zelck
> >EDS, E.Solutions Benelux
> >Database- & Unix System Administrator
> >
> >Tel: +32 (0)2 - 711.39.43
> >Fax : +32 (0)2 - 711.39.47
> >Email: [email protected]
> >
> >
> >
> >
> >
> >
> >=============================================================
> ===================
> >      To unsubscribe from this mailing list, please see the 
> instructions at
> >                http://www.checkpoint.com/services/mailing.html
> >=============================================================
> =================== 
> >
> 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Date: Fri, 24 Nov 2000 09:08:27 -0700
Next by Date: [FW1] udp encasulation example, please.
Previous by thread: [FW1] Date: Fri, 24 Nov 2000 09:08:27 -0700
Next by thread: [FW1] udp encasulation example, please.
Index(es):
- Date
- Thread