[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] FW: Win2k and Exchange thro FW-1 v4.0 Sp7
Patrick, Although this is not an answer to your question you should be aware that 4.0 support goes away next month. No more support, no more patches, so I would first upgrade to 4.1 and I do believe that also by doing this, going to the latest version of course, your issues should be resolved. -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Patrick Doyle Sent: Tuesday, October 02, 2001 1:46 PM To: '[email protected]' Subject: [FW1] FW: Win2k and Exchange thro FW-1 v4.0 Sp7 > Dear list, > > I am trying to configure our Windows 2000 clients to be able to access > Exchange, and also authenticate through our Checkpoint firewall v4.0 sp7. > I have added all the relevant services to a rule which include Kerberos, > NetBIOS, LDAP, NTP and TCP port 135 (port mapper). > > However, when a user logs on, the random ports assigned by the portmapper > on the DCs and Exchange servers are dropped by the firewall, which leads > me to believe that fw-1 has a problem with RPC connections. > > I have configured the security policy settings to allow RPCs through the > firewall and also checked and amended the object.C file for tcprpc (true), > and still have the same problem. I realise that you can assign static > ports to the IS and DS services on the Exchange server, and also to the > NTDS service on the DCs as specified on Checkpoints secure knowledge base. > > > If i implement the static ports on our servers, i am thinking it kind of > defeats the object and that FW-1 v4.0 actually doesn't support RPC. > > Can anyone put me straight on this issue please? > > Many thanks > > Patrick Doyle > > Patrick Doyle - Infrastructure Team > Publishing Systems, BBC Worldwide Ltd > 80 Wood Lane, London, W12 0TT > Tel: 020 8433 3186 Fax: 020 8433 2730 > Email: [email protected] > This e-mail, and any attachment, is confidential. If you have received it in error, please delete it from your system, do not use or disclose the information in any way, and notify me immediately. The contents of this message may contain personal views which are not the views of the BBC, unless specifically stated. ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|