[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Inbound, Outbound, Eitherbound
If FW is blowing away these addresses, set your anti-spoofing rules to Others +, and define a group with the external IP addresses that are internal to put there. ----- Original Message ----- From: Tim Parker <[email protected]> To: <[email protected]> Sent: 09 April 2001 10:26 Subject: [FW1] Inbound, Outbound, Eitherbound > > I am looking for some real world experience to help me answer this question. > We are currently having licensing issues (this is due to the way that we set > up our BigIP boxes behind our FW, long story) But what is happening is that > our FW is seeing external addresses on one of the internal interfaces so it > is trying to "protect" them. Hence throwing us way over on our licenses (and > generating an aweful lot of emails to me!) > > What I am thinking of trying, but this is where I need the help!, is > changing the setting from eitherbound (the default) to inbound for our > rulebase. I am curious though, if there are any other ramifications, other > than the fact that the firewall will let anything from "inside" the network > out without checking it. With stateful inspection, I should be fine, I > believe. > > Any comments to my issue? > > Tim Parker > > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== > > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|