[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Question about log information
Hi, the rule No. "sam" is a blocking, initiated by the feature Block Intruder. In the Active Log these connections are blocked by this feature. Because this is a separate rule and not in the rulebase, the No. is sam - suspicious activity monitoring. You can clear the blocking in the Active Log or using fw sam -D at the command line of the Management-Modulte. Hope it helps, best regards Matthias "Fernando Hagelsieb C." wrote: > Hi All: > > I have a VPN-1 on an WinNT box, I want to activate Client authentication on > the external interface using telnet on port 259 or HTTP on port 900. > > But those listeners works fine on all interfaces except the external > interface. > > looking at the Log Viewer the traffic is rejected by a rule named SAM, Does > anyone knows what does SAM rule mean?? > > here is a sample: > > "13" "4Sep2001" "15:26:15" "El90x3" "gdlfw" "alert" "reject" > "FW1_clntauth_telnet" "OSCAR" "gdlfw" "tcp" "sam" "2538" "" "" "" > "" "" "" "" "" "" "firewall" " len 48" > > Thanks in advance for your comments. > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ begin:vcard n:Leu;Dr. Matthias tel;cell:tel;fax:+49 8102 895 199 tel;home:+49 89 69759390 tel;work:+49 8102 895 190 x-mozilla-html:FALSE url:http://www.aerasec.de org:AERAsec Network Services and Security GmbH adr:;;Wagenberger Strasse 1;D-85662 Hohenbrunn;;;Germany version:2.1 email;internet:[email protected] fn:Dr. Matthias Leu end:vcard
|