NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Rule 0 ... again ...



Anders,

I think you need to change the anti-spoofing to include the 10.0.0.0 network
as well for the interface closest to the ISDN router (192.168.2.1)

Jim

==================================================================
Jim Sweeting		
Consultant
Optimation NZ Ltd
43 College Hill Road
PO Box 106104
Auckland		

d.	+64 9 307 5566
p.	+64 9 309 7918
f.	+64 9 309 7919
m.	+64 25 582047
e.	[email protected]

This e-mail contains proprietary information some or all of which may be
legally privileged. It is for the intended recipient only. If you receive
this email in error, please notify the sender immediately and permanently
delete this email. If you are not the intended recipient you must not use,
disclose, distribute, copy or print this e-mail.

 -----Original Message-----
From: 	Reed Mohn, Anders [mailto:[email protected]] 
Sent:	Thursday, 22 February 2001 9:11 a.m.
To:	'[email protected]'
Subject:	[FW1] Rule 0 ... again ...



OK, 5th try. This computer seriously needs retirement.
I'm sick of writing this email now ...

I know this is a reoccurring subject, and I was
hoping I'd be able to solve it by looking at the archives
and reading the lst, but no...

So, here goes:

LAN|----|FW|-----|ISDN Router|------|Remote site


LAN: 192.168.1.0/24  
ISDN Router: 192.168.2.2
FW:  192.168.1.1 and ..2.1
The ISDN router uses DHCP when dialling to remote site.
Remote server: 10.0.0.1
Spoofing settings: "This net" for both IFs.

Turning the FW off, everything looks good, so routing seems
to be OK. 
With the firewall running, it's a different game:
Traffic to the ISDN-router (192.168.2.2) is let through.
However, FW-1 blocks all traffic to 10.0.0.1 at Rule 0.

??? 
Any tips as to what I did wrong?

Cheers,
Anders :)


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents � 2003 Network Presence, LLC. All rights reserved.