[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Antispoofing and bootp
Yes, adding a workstation object with 255.255.255.255 to the antispoof group will help you. And perhaps you need another object with 0.0.0.0 Olav > -----Original Message----- > From: [email protected] [mailto:[email protected]] > Sent: Tuesday, May 15, 2001 11:10 PM > To: [email protected] > Subject: [FW1] Antispoofing and bootp > > > > > > I am having some antispoofing configuration problems. > CPMAD keeps on getting ativated by bootp reguests. > When I look in the Check Point Logviewer I see this: > > Service: bootp > Source: (blank) > Destination: 255.255.255.255 > Proto: udp > Rule: 0 > S_Port: 68 > > I am running Check Point v4.1 sp3 > I have configured and enable CPMAD. > I have 4 network cards installed and have configured this > under the Interface > properties->Security > under Valid Address > > Internet adapter El90x1 - Others > DMZ01 El90x2 - Others > DMZ02 El90x3 - Others > Internal LAN El90x4 - Specific->AntiSpoof-Group > > > The Antispoof group consists of my two internal networks. > I'm also running DHCP in my internal network. > > My question is do I have to create a Network object of > 255.255.255.255 and place > it in the AntiSpoof group? > Will this stop the CPMAD from activating? > > > Thanks > > AC > > > > > > ============================================================== > ================== > To unsubscribe from this mailing list, please see the > instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ================== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|