[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Too Many Internal Hosts
If you are using things such as the SMTP security server (CVP anti-virus for example) the connections established on those rules show up in your log (and presumably by the FW) from "daemon" and not from a specific interface. I have watched my log carefully and noticed that the IP addresses that show up coming from "daemon" also show up when I do an "fw lichosts". I have not taken the opportunity to continue studying this, but it does seem possible that this could be a source of some of extra addresses being counted against the license. Any thoughts????? Steve Schuster, CCSE, CCNA Midwest ISO Security Analyst -----Original Message----- From: Joerg Weber [mailto:[email protected]] Sent: Friday, March 09, 2001 8:05 AM To: [email protected] Subject: AW: [FW1] Too Many Internal Hosts Same story here. I've seen bizarre entries in my hostfile where hosts are listed which are def. not from my internal network. And everything is configured right, I've even had a ticket open with my reseller. I guess it's another FW-1 quirk. Cheers, Joerg ------------------------------------------------------------ Joerg Weber, Systemadministration JET Online GmbH Altenkesseler Straße 17 / Geb. B5 66115 Saarbruecken mailto:[email protected] http://www.jet-online.de ------------------------------------------------------------ Beg to differ. We have a pair of HA firewalls (VRRP) and we have this problem. Now I _know_ the external interface is set correctly. We have had consultancy in to check this, in case there is something silly that we did. To no avail. Our firewall still counts external hosts. Not all of them (we get a lot of traffic, and only a slow growth of hosts) but enough to shove us over our license limit. At current count, we have 56 external hosts in our tables. This is after resetting it several weeks ago. We do get more that 56 connections in that interval, since we host a number of websites which catch some fairly heavy traffic. -- Ed Rolison System Administrator Phone: 01926 455303 http://www.byzantium.com Byzantium Solutions Ltd ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|