Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: RE: [FW1] Install on ..

To: "'Mohamed Maraikayar'" <[email protected]>
Subject: RE: RE: [FW1] Install on ..
From: "Brockhoven, Werner" <[email protected]>
Date: Wed, 26 Sep 2001 09:49:08 +0100
Cc: [email protected]
Sender: [email protected]

Hello,

Taken from the manual :

If install on is 

gateway		Enforce on all network objects defined as gateways in the
direction specified.(in properties)
destination 	Enforce in the inbound directon on the firewalled network
objects
source		Enforce in the outbound direction on the firewalled network
objects
target		Enforce on the specified target objects onlym in the inbound
and outbound directions

So assume you have in your policy properties direction outbound.

If the rule says install on gateway, packets will only be checked in
outbound direction.  If you want to override this for particular rule, you
can add install on destination also for that rule.

Thats how I understand it anyway.

Regards,

Werner

-----Original Message-----
From: Mohamed Maraikayar [mailto:[email protected]]
Sent: Wednesday, September 26, 2001 10:42 AM
To: Brockhoven, Werner
Cc: [email protected]
Subject: Re: RE: [FW1] Install on ..



Thanks, but iam clear with inbound or eitherbound.if suppose,let us take an
example of 2 rulebase lines,
"ftpusers ftp-serv ftp userauth src " and "ftpusers ftp-serv ftp userauth
gateway" .Now how the fw-1 works? assume it is eitherbound.this is my exact
doubt, i see that if we give src or gateway, the objective we get is
same.there should be some difference, advantages or otherwise there is no
fun in that option src or destination or router etc.that is what i want to
know.
thanks,
mohamed.

On Wed, 26 Sep 2001 Brockhoven, Werner wrote :
> Hello,
> 
> The difference is with the way FW-1 will check the 
> packets as they enter or
> leave the gateway.
> 
> Check http://www.phoneboy.com/faq/0102.html for the 
> awnser.
> 
> Regards,
> 
> Werner
> 
> -----Original Message-----
> From: Mohamed Maraikayar [mailto:[email protected]]
> Sent: Tuesday, September 25, 2001 3:05 PM
> To: [email protected]
> Subject: [FW1] Install on ..
> 
> 
> 
> 
> this may be an elementary question,but i am helpless 
> now.In checkpoint rule
> base,What is the difference between Install on source,
> destination or routers
> or gateways? i read the secadmin pdf of checkpoint, but 
> coudlnt understand
> the differnce.i have ,by default choose install on 
> gateways.but if we give
> install on source,all outbound connections from that 
> source is checked.the
> prime objective is also achieved when we give install 
> on gateways.could
> anyone clear me with simple words ?
> thanks
> mohamed. 
> 
> 
> 
> ========================================================-
> ====================
> ====
>      To unsubscribe from this mailing list, please see 
> the instructions at
>                http://www.checkpoint.com/services/mailin-
> g.html
> ========================================================-
> ====================
> ====
 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: RE: [FW1] Install on ..
Next by Date: [FW1] (2) Bad SIC status between NT4.0 and Linux RH6.2
Previous by thread: Re: RE: [FW1] Install on ..
Next by thread: RE: [FW1] Install on ..
Index(es):
- Date
- Thread