[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] FW-1 and Websense
Title: RE: [FW1] FW-1 and Websense
Marc,
What is your firewall setup? Platform/OS and FW-1 Ver?
I have seen this on a Sun Solaris 2.6 box where routing did not get turned on properly and the box assumed 0.0.0.0 was a valid address rather than using the default route to the internet.
Just my $0.02
Phillip
-----Original Message-----
From: Marc Jacquard [mailto:[email protected]]
Sent: Friday, December 08, 2000 1:50 PM
To: Fw-1-Mailinglist@Lists. Us. Checkpoint. Com
Subject: [FW1] FW-1 and Websense
I have a specific LAN for visitors that is only allowed access to the
outside world. I have 3 rules defined for this network.
visitor-net any http-->Adult drop long
vistor-net external-net http accept long
telnet
ftp
ssh
https
dns
visitor-net any any drop long
My problem is that I can do all the functions accept HTTP and HTTPS. Every
packet that goes out on those two services are being drop for web security
reasons by websense. The only way I have been able to get the rule to work
is instead of using the external-net object, I had to use the any for rule
#2. This does not seem right to me. Has anyone else had this problem? My
external-net object is 0.0.0.0 and is used in my address translation table.
This was an object recommended by CkeckPoint. I have called websense, but
they are a callback (No live people on the phones!) system and who knows
when they will call back. Any help would be greatly appreciated.
Best regards,
Marc Jacquard
SR. Systems Engineer (CCSA)
Fujitsu America, INC.
Hilo Office
email: [email protected]
Telephone:
Pager:
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================