[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Anti-spoofing, loading rules and license problem
Had a strange situation yesterday on a FW-1 4.0 on HP-UX 10.20 running both FW-1 managment module and FW-1 gateway module. The firewall have one connection to the internet, one to our internal network and three DMZ zones. For each DMZ interface, I changed the property settings: Old setting: Valid addresses: Any + Spoof Tracking: None New setting: Valid addresses: This net + Spoof tracking: Log Then I reinstalled and lost connection. I ran the GUI from the internal network. At the HP consol I took a "fwstop" and then a "fwstart". It failed to load the ruleset. I then took a "shutdown -r now". When FW-1 was starting, it complained that there was too many internal hosts - only 25 was allowed, and it came with a dump of IP-addresses. And it could not load the ruleset. We have a unlimited license on this machine. After reboot, I manually edited objects.C and reset the interface properties for the three DMZ interfaces to "Valid addresses: Any" and then compiled and loaded the ruleset without any problems. I also rebooted the machine and it did not longer complain about too many internal hosts. This sounds like a bug in the software? Comments? --- Jørn Yngve Dahl-Stamnes EDB Teamco, Trondheim [email protected] > -----Original Message----- > From: Mika Napari [mailto:[email protected]] > Sent: 17. mai 2001 13:04 > To: [email protected]; > [email protected] > Subject: RE: [FW1] SecureRemote and Windows 2000 > > > Hi, > > I think you have wrong version of SecuRemote. > You should use: > VPN+Des SecuRemote 4.1 build 4176 for Windows 2000 or > VPN+Strong SecuRemote 4.1 build 4176 for Windows 2000 > > which you can download from > http://www.checkpoint.com/techsupport/freedownloads.html > > -- > Mika Napari / Siemens / IT Service > email: [email protected] > tel: +358 10 511 5151 > > > > -----Original Message----- > > From: [email protected] > > [mailto:[email protected]]On Behalf Of > > [email protected] > > Sent: 16. toukokuuta 2001 13:01 > > To: [email protected] > > Subject: [FW1] SecureRemote and Windows 2000 > > > > > > > > I'm trying to install SecureRemote on Windows 2000. But I get > > this message: > > > > > > Incompatible NT > > Version SP4 or higher required > > > > I'm installing from CheckPoint 2000 Enterprice Suite (version 4.1). > > > > Isn't SecureRemote supported under Windows 2000? > > > > --- > > Jørn Yngve Dahl-Stamnes > > EDB Teamco, Trondheim > > [email protected] > > > > > > ================================================================== > > ============== > > To unsubscribe from this mailing list, please see the > instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================================== > > ============== > > > > > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|