[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] DNS Stop Running caused by FW Checkpoint NG
I would demand the vendor provide documentation from checkpoint that this configuration is preferred and recommended. I can think of many more reasons to have DNS on a separate box than I can having them together. The best being that your firewall would be less susceptible to DOS and hack attempts/events. That being said, if you must run them on the same box make sure you check the properties box signifying traffic originating from firewall. Plus the rules: Any FW DNS ACCEPT FW any DNS ACCEPT Plus think of a rule to allow the returns on high ports for the response back to the DNS server. Hope this helps, good luck! Patrick Kelly linux: the choice of a GNU generation -----Original Message----- From: BY [mailto:[email protected]] Sent: Monday, December 03, 2001 7:18 AM To: [email protected] Subject: [FW-1] DNS Stop Running caused by FW Checkpoint NG Hello there, My contractor has made many attempts but failed so far to install the following environment for my company:- Attempt No #1 OS: Windows 2000 Server (Standalone) with DNS Server installed FW: Firewall Checkpoint Next Generation Attempt No #2 OS: NT Server with SP5 (Standalone) FW: Firewall Checkpoint 4 with SP8 They have tried both methods but DNS Server seems to be stopped by Firewall Checkpoint application. Does anyone have this problem before and if so can you recall how it has been fixed. I have never recommended to have both DNS & Firewall Checkpoint running on the same box but apparently they says this is Firewall's recommendation. Anyway, I will look at this as my phase 2 project. The objective of my Phase 1 action is to upgrade both hardware & Firewall Checkpoint application environment. The current environment of my firewall is as follow which is not installed by the same contractor unfortunately:- OS: NT Server with SP5 (Standalone) FW: Firewall Checkpoint 4 with SP3 Any clues from you guys would be appreciated. Thank You. BY =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =============================================== =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
|