RE: [FW1] Fw: ip confilct and firewall crash

["Hal Dorsman" <hdorsman@FW1-NOSPAMblackfoot.com>]

I am not sure if there is anything you can do in the firewall to prevent this.

You can use DHCP for IP allocation on your network, but you would need

to lock down the clients with adminstrators permissions so that users

can't change IP setup.

 

Hal

-----Original Message-----
From: Manish [mailto:mawasthi@hclinsys.com]
Sent: Sunday, May 20, 2001 11:28 AM
To: fw-1-mailinglist@beethoven.us.checkpoint.com
Subject: [FW1] Fw: ip confilct and firewall crash

 

dear friend,

 

i am facing a problem in my setup.

 

i have attached the diagram of my setup.

 

as shown in the diagram i have many zones which are protected by the firewall.the firewall is Checkpoint Fw-1 ver 4.1 SP2

i have my firewall operational on Solaris 6.

 

Zone B has webservers and ftp servers which are being accessed from the internet.

 

Zone C is the zone where we have the employee's PCs.

 

yesterday, one of our employees changed his PC's ip to the ip of the firewall . he allotted to his PC the ip of the firewall's Zone C arm .Even after the machine detected ip clash, the employee accepted the warning and continued with change of IP.thus he allotted the ip of the firewall's zone C arm.

 

after this my firewall crashed.i mean to say that the firewall was not accepting any connection from anywhere.the firewall was not accepting any connection whether it originated from /ended at Zone A or Zone B or internet ( our webserver and ftp server was not accessible from internet) .

 

after this i have disconnected the employee's PC and restarted firewall.Now the firewall is working fine.

 

but i am worried if i face this again.

 

how can i prevent this happening again?do i need to do something on the OS configuration of the firewall machine or alter some firewall settings?

 

please guide me.please feel free to contact me.

 

thanks in advance

 

regards

 

shameek