Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Multicast address

To: "'Juan Concepcion'" <[email protected]>, [email protected], [email protected]
Subject: RE: [FW1] Multicast address
From: Francisco Cabral <[email protected]>
Date: Thu, 19 Apr 2001 09:50:55 +0200
Sender: [email protected]

Already done. As I said, from the slave FW, I can see the VRRP being
accepted. It's only on the other direction that it doesn't happen.

-----Original Message-----
From: Juan Concepcion [mailto:[email protected]]
Sent: 18 April 2001 20:09
To: [email protected]; [email protected];
[email protected]
Subject: RE: [FW1] Multicast address


Francisco,

   Create a rule that says:

src: FW(s)
dst: vrrp_mulitcast object w/ip of 224.0.0.0
action: accept
Tracking: none


>From: Francisco Cabral <[email protected]>
>To: "'Tim Holman'" <[email protected]>,        "Fw-1-Mailinglist 
>(E-mail)"  <[email protected]>
>Subject: RE: [FW1] Multicast address
>Date: Wed, 18 Apr 2001 09:42:04 +0200
>MIME-Version: 1.0
>Received: from beethoven.us.checkpoint.com ([206.184.151.194])by eagle 
>(EarthLink SMTP Server) with ESMTP id tdrjhb.mbm.37tiu0oWed, 18 Apr 2001 
>10:26:02 -0700 (PDT)
>Received: (from majordom@localhost)by beethoven.us.checkpoint.com 
>(8.9.3+Sun/8.9.3/CPbeethoven/1.3.1) id AAA04294for 
>fw-1-mailinglist-outgoing; Wed, 18 Apr 2001 00:40:22 -0700 (PDT)
>Received: from us.checkpoint.com (oak.us.checkpoint.com [206.86.35.94])by 
>beethoven.us.checkpoint.com (8.9.3+Sun/8.9.3/CPbeethoven/1.3.1) with ESMTP 
>id AAA04290for <[email protected]>; Wed, 18 Apr 
>2001 00:40:21 -0700 (PDT)
>Received: from onus.us.checkpoint.com (localhost [127.0.0.1])by 
>us.checkpoint.com (8.9.3+Sun/8.9.3/CPoak/1.5.1) with ESMTP id AAA08382for 
><[email protected]>; Wed, 18 Apr 2001 00:39:13 
>-0700 (PDT)
>Received: from mail.europesave.com (uu212-190-122-206.unknown.uunet.be 
>[212.190.122.206])by onus.us.checkpoint.com (8.10.1/8.10.1/CPmx/1.3.0) with

>ESMTP id f3I7dRs15430for <[email protected]>; 
>Wed, 18 Apr 2001 00:39:27 -0700 (PDT)
>Received: by MAILER with Internet Mail Serviceid <2625PJRA>; Wed, 18 Apr 
>2001 09:42:04 +0200
>Status:  U
>Return-Path: <[email protected]>
>Message-ID: <7B5E9F75E0E7D4119AA50002A50909BB6331@MAILER>
>X-Mailer: Internet Mail Service
>Sender: [email protected]
>Precedence: bulk
>Errors-To: [email protected]
>
>
>That's all done initially.
>
>I understand the need to monitor the FW interfaces but I would like that to
>be log-silent.
>Apparently, you managed to do it.
>
>When I look at the logs, I can see effectily that, through the LAN
>interface, packets are coming out with the public IP of the FW.
>There's no NAT defined for the FW IPs.
>
>Can anyone point me to an article explaining how multicast works so that I
>can assess if this is a Nokia or a IP "feature"?
>
>Francisco
>
>-----Original Message-----
>From: Tim Holman [mailto:[email protected]]
>Sent: 17 April 2001 19:21
>To: Francisco Cabral; Fw-1-Mailinglist (E-mail)
>Subject: Re: [FW1] Multicast address
>
>
>What do your anti-spoofing rules say ?
>Setup the external interface to Others, the sync link to This Net, and the
>internal interface to Others+, adding a group with all the public IP
>addresses you're using for NAT.
>Do this for both firewalls, as this info is not replicated.
>If you're using 'Specific', then add the VRRP multicast object to the 
>group,
>but I've found the above formula works just as well.
>
>Tim
>
>----- Original Message -----
>From: Francisco Cabral <[email protected]>
>To: Fw-1-Mailinglist (E-mail) 
><[email protected]>
>Sent: 11 April 2001 11:02
>Subject: [FW1] Multicast address
>
>
> >
> > Hi,
> >
> > Each day, my FW logs get huge with the VRRP multicast address entries 
>with
> > the reason of "address spoofing". Could the reason be that all the FW
> > interfaces go into a hub (for testing)? Is there a way of not logging
>these
> > packets? Thanks.
> >
> > Regards,
> >
> > Francisco Cabral
> >
> >
> >
> >
> >
>===========================================================================
=
>====
> >      To unsubscribe from this mailing list, please see the instructions 
>at
> >                http://www.checkpoint.com/services/mailing.html
> >
>===========================================================================
=
>====
> >
> >
>
>
>===========================================================================
=====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>===========================================================================
=====
>

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] SecuRemote ---> Secure Client
Next by Date: Re: [FW1] Multicast address
Previous by thread: Re: [FW1] Multicast address
Next by thread: RE: [FW1] Multicast address
Index(es):
- Date
- Thread