Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] rejecting of allowed connections

To: Firewall-1 Mailinglist <[email protected]>
Subject: [FW1] rejecting of allowed connections
From: Micha Borrmann <[email protected]>
Date: Thu, 8 Mar 2001 14:51:02 +0100 (CET)
Sender: [email protected]

Hi there,

I see few connections as rejected in my log, but these connections are
allowed! O.k. here are the details:

Source: every host
Dest: a host behind the firewall
Service: an allowed service, f.e. ssh
S_Port: an defined (high) TCP Port with FastMode, f.e. http-proxy (8080)
Action: reject
Rule: the number of the rule, which allows these connection (!)
Info: reason: port belong to service in TCP Fast Mode, port: http-proxy

I understand this, that there is a problem with S_Ports, which are defined
as FastMode Services. A workaround is, to disable the FastMode Option on
these Services, but how I can solve the problem? It sounds similiar to the
ftp Service Port Problem (for myself)
(http://www.phoneboy.com/fw1/faq/0106.html). Have anybody the same
problem?

Bye,
Micha

-- 
see MB6408-RIPE (http://www.ripe.net/cgi-bin/whois?MB6408-RIPE)
for detail contact information



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] CCSA
Next by Date: [FW1] Real Player
Previous by thread: RE: [FW1] NAT
Next by thread: [FW1] Real Player
Index(es):
- Date
- Thread