[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] How to set external.if
I'd say that the most common problem with the "too many hosts allowed" by customer is the lack of understanding how check point licenses. You must keep in mind that whenever licensing Check Point for less than unlimited, you have to tell Check Point which interface is your external interface. This designation of the interface is telling check point, "Do not Snoop for source addresses to include as part of my license on this interface." But snoop every other interface for source addresses to place in my licensed hosts file. Also, I've found that people with licensing problems are often doing things such as running their internal and external networks over the same switch or hub which causes Check Point to license the internet :) Keep in mind that Check Point licenses ip addresses not users. -=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=- Larry Pingree Sr. Security Consultant Email: [email protected] SiegeWorks Company WebSite: http://www.siegeworks.com/ Security Installation, Training and Consulting -=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=- ----- Original Message ----- From: Langa Kentane <[email protected]> To: <[email protected]> Cc: Firewall-1 Mailing List (E-mail) <[email protected]> Sent: Wednesday, February 21, 2001 11:32 PM Subject: RE: [FW1] How to set external.if > > Sorry, I forgot to mension that you have to delete the files fwd.h and > fwd.hosts in your $FWDIR/database > > Ciao > > -----Original Message----- > From: [email protected] [mailto:[email protected]] > Sent: 22 February 2001 07:40 > To: [email protected] > Subject: [FW1] How to set external.if > > > > Now I put interface name "hme0" in the external.if file. But in > firewall > console, It showed message too many host. And I looked at list of hosts > in "/var/adm/messages",almost are come from interface hme0. Why firewall > counted ip from that interface? How to solve this problem? > Regards, > Chat Thongsong > > > > ============================================================================ > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|