[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] 'Exceeded allowed number of internal hosts' while not t rue.
Seb, Reply 2: I just got news from my local reseller. The cause is a bug that came along with SP2. The solution is that they will apply for a hotfix near Checkpoint. So, I guess you have to see with your local reseller to get it. Cu, Guy. > -----Original Message----- > From: Seb Mills [mailto:[email protected]] > Sent: vrijdag 24 november 2000 10:36 > To: Zelck, Guy > Subject: Re: [FW1] 'Exceeded allowed number of internal > hosts' while not > true. > > > Guy, > I've come across this and am also looking for an > answer. Do you > have your rules applied to the interfaces 'Eitherbound' or > only 'Inbound' ? > > I have found that fw lichosts also produces the same result, > just one entry > which actually looks like a log entry. I've found this > packet appears in > the log at the same time the ctl entry complaining about > licensing shows > up. I thought lichosts was meant to simply show a list of all > protected IP > addresses ? > > Deleting /database/fwd.h and fwd.hosts and restarting the > service obviously > clears the table, but still the problem reoccurs. > > Have you had any success in solving this ? > > Seb Mills > > At 08:29 22/11/2000 +0000, you wrote: > > >Hi everyone, > > > >I've got this FW1 4.1, licensed for 25 int. hosts, installed > on an NT4.0 + > >SP6a with only 4 internal hosts. > >Normal operation is fine but every mth. there are a couple > of hosts added to > >the fw's internal hosts list that shouldn't be. > >Since I only have a license for 25 this limit is reached > fairly quickly. > > > >Doing 'fw lichosts' reveals lines like the following (real > addresses have > >been replaced): > >E100 10/11/2000 20:17> host:4.3.2.1 src:1.2.3.4 dst:11.12.13.14 > >(an_internal_host (Valid Address)) proto:icmp > > > >As you can see, the host: entry is the reverse of the dst: > entry and makes > >no sense. Yet it's counted as an internal host (I presume). > >The host 'an_internal_host' has a rule to allow icmp. > > > >There's no detailed explanation to be found in the docs > about the output of > >'fw lichosts'. > > > >Has anyone come across this? Any idee what could be going on? > > > >Guy Zelck > >EDS, E.Solutions Benelux > >Database- & Unix System Administrator > > > >Tel: +32 (0)2 - 711.39.43 > >Fax : +32 (0)2 - 711.39.47 > >Email: [email protected] > > > > > > > > > > > > > >============================================================= > =================== > > To unsubscribe from this mailing list, please see the > instructions at > > http://www.checkpoint.com/services/mailing.html > >============================================================= > =================== > > > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|