[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: RE: [FW1] Install on ..
Hello, Taken from the manual : If install on is gateway Enforce on all network objects defined as gateways in the direction specified.(in properties) destination Enforce in the inbound directon on the firewalled network objects source Enforce in the outbound direction on the firewalled network objects target Enforce on the specified target objects onlym in the inbound and outbound directions So assume you have in your policy properties direction outbound. If the rule says install on gateway, packets will only be checked in outbound direction. If you want to override this for particular rule, you can add install on destination also for that rule. Thats how I understand it anyway. Regards, Werner -----Original Message----- From: Mohamed Maraikayar [mailto:[email protected]] Sent: Wednesday, September 26, 2001 10:42 AM To: Brockhoven, Werner Cc: [email protected] Subject: Re: RE: [FW1] Install on .. Thanks, but iam clear with inbound or eitherbound.if suppose,let us take an example of 2 rulebase lines, "ftpusers ftp-serv ftp userauth src " and "ftpusers ftp-serv ftp userauth gateway" .Now how the fw-1 works? assume it is eitherbound.this is my exact doubt, i see that if we give src or gateway, the objective we get is same.there should be some difference, advantages or otherwise there is no fun in that option src or destination or router etc.that is what i want to know. thanks, mohamed. On Wed, 26 Sep 2001 Brockhoven, Werner wrote : > Hello, > > The difference is with the way FW-1 will check the > packets as they enter or > leave the gateway. > > Check http://www.phoneboy.com/faq/0102.html for the > awnser. > > Regards, > > Werner > > -----Original Message----- > From: Mohamed Maraikayar [mailto:[email protected]] > Sent: Tuesday, September 25, 2001 3:05 PM > To: [email protected] > Subject: [FW1] Install on .. > > > > > this may be an elementary question,but i am helpless > now.In checkpoint rule > base,What is the difference between Install on source, > destination or routers > or gateways? i read the secadmin pdf of checkpoint, but > coudlnt understand > the differnce.i have ,by default choose install on > gateways.but if we give > install on source,all outbound connections from that > source is checked.the > prime objective is also achieved when we give install > on gateways.could > anyone clear me with simple words ? > thanks > mohamed. > > > > ========================================================- > ==================== > ==== > To unsubscribe from this mailing list, please see > the instructions at > http://www.checkpoint.com/services/mailin- > g.html > ========================================================- > ==================== > ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|