
[FW1] Rule question



I was trying to consolidate my rulebase this weekend and found that what I
thought should work didn't. I'm probably missing something really simple
here, but I can't find it. I pored through the manuals and couldn't find
any help (surprise surprise), nor could I find anything on phoneboy. Any
help would be greatly appreciated!

Here are the objects I have defined (fake IPs of course):

Type            Name          Data
workstation     ns1           192.168.10.1/24
workstation     ns2           192.168.10.2/24
service group   DNS           dns-udp, dns-tcp
host group      ns_servers    ns1, ns2
network         outside       0.0.0.0/0

Originally I had the following 2 rules defined to let dns traffic to
specific hosts:

Source        Dest          Service   Action
------        ----          -------   ------
ns_servers    outside       DNS       Allow
------------------------------------------------
outside       ns_servers    DNS       Allow

I tried to merge this into one rule as:

Source        Dest          Service   Action
------        ----          -------   ------
ns_nservers   ns_servers    DNS       Allow
outside       outside

This caused all dns traffic to be dropped (per the last rule).

Derek J. Lambert, MCSE, A+
Network Administrator
Columbia ParCar Corp.
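
An added example, not part of the original post and not Check Point code: a small model of the two rulebases above, comparing which DNS flows each one permits. It assumes a rule matches when the source is in any listed source object and the destination is in any listed destination object, treats the two workstation objects as single hosts (/32), and uses constructed sample flows; it models the rule logic only, not FireWall-1's actual behaviour.

```python
from ipaddress import ip_address, ip_network

# Objects from the post (the poster's placeholder addresses).
# Assumption: workstation objects are single hosts, so they are modeled as /32.
OBJECTS = {
    "ns1": [ip_network("192.168.10.1/32")],
    "ns2": [ip_network("192.168.10.2/32")],
    "outside": [ip_network("0.0.0.0/0")],
}
OBJECTS["ns_servers"] = OBJECTS["ns1"] + OBJECTS["ns2"]

# Each rule is (source objects, destination objects); service is DNS throughout.
ORIGINAL = [(["ns_servers"], ["outside"]), (["outside"], ["ns_servers"])]
MERGED = [(["ns_servers", "outside"], ["ns_servers", "outside"])]

def in_objects(addr, names):
    """True if addr falls inside any network of any named object."""
    ip = ip_address(addr)
    return any(ip in net for name in names for net in OBJECTS[name])

def allowed(rules, src, dst):
    """Assumed semantics: a rule matches if src is in ANY source object
    and dst is in ANY destination object; any matching rule allows."""
    return any(in_objects(src, s) and in_objects(dst, d) for s, d in rules)

# Constructed sample flows (src, dst), not taken from the post.
FLOWS = [
    ("192.168.10.1", "198.51.100.53"),   # name server -> outside
    ("203.0.113.7", "192.168.10.2"),     # outside -> name server
    ("203.0.113.7", "198.51.100.53"),    # outside -> outside
    ("192.168.10.1", "192.168.10.2"),    # name server -> name server
    ("192.168.10.77", "198.51.100.53"),  # other internal host -> outside
]

def widened(flows):
    """Flows the merged rule allows that the original two rules did not."""
    return [f for f in flows if allowed(MERGED, *f) and not allowed(ORIGINAL, *f)]

if __name__ == "__main__":
    for src, dst in FLOWS:
        print(f"{src:>14} -> {dst:<14} original={allowed(ORIGINAL, src, dst)!s:<5} "
              f"merged={allowed(MERGED, src, dst)}")
    print("Allowed only by the merged rule:", widened(FLOWS))
```

Under these assumptions the merged rule is not equivalent to the original pair: because outside is 0.0.0.0/0 and appears on both sides, the merged rule permits DNS from any source to any destination rather than only to and from the name servers.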




