Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] Problems with domain-tcp

To: [email protected]
Subject: [FW-1] Problems with domain-tcp
From: Thomas Borger <[email protected]>
Date: Thu, 18 Oct 2001 08:54:55 +0200
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hi,

I`m using FW1 4.1 SP4 on NT 4.0 and have the following problem with
domain-tcp.

Setup from Properties on the Properties Setup on FW1

 * Accept Domain Name Over TCP (Zone Tranfer) = not enabled (off)

A rule before the cleanup rule is as follow:

 Soruce:                Destination:                    Service:                Action:
---------------------------------------------------------------------------
 isp-dns-server our-dns-server-on-dmz           domain-tcp              accept

Incomming packets from isp-dns-server tcp-port 53 to our-dns-server-on-dmz
should be allowed but are dropped at the moment anyway.
No matter if I placed the rule on a other place in the rulebase no
tcp-packet are allowed.
If I change the checkbox that I mentioned above to "true" all domain-tcp
packets from everywhere go trough the FW1-box.
That is not that what I want.

Have someone solutions for this problem?

best regads

Thomas

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

Prev by Date: [FW-1] Anti-Virus - Replacement for NAV for Firewalls
Next by Date: Re: [FW-1] Getting New Nokias
Previous by thread: Re: [FW-1] Anti-Virus - Replacement for NAV for Firewalls
Next by thread: Re: [FW-1] Problems with domain-tcp
Index(es):
- Date
- Thread