NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] Réf. : Re: [FW-1] Rule 0



Hello

I guess that we should perhaps  :
- disable control connections
- create explicit communication rules between management / modules
- THEN push  (install) to the modules

Otherwise you are locked out and you have to do a fw unload localhost on
each of your modules...

Regards

Ivan




Serge Vondandamo <[email protected]>
Envoyé par : Mailing list for discussion of Firewall-1
<[email protected]>
07/01/2002 09:22
Veuillez répondre à Mailing list for discussion of Firewall-1


        Pour :  [email protected]
        cc :
        Objet : Re: [FW-1] Rule 0

Hi,

To view the Rule 0, do the following:

- Open the Policy Editor then go to the "View " menu.
- On the "View" menu, click on the "Implied Rules".

You will be able to see the "Implied Rules" which are loged as "Rule 0",
on
top of your rules.

To disable the "Implied Rules" do the following:

- Copie all the "Implied Rules" somewhere so that you can learn from them
when building your own communication rules.
- Open the Policy Editor ->go to the "Policy" then "Properties" menu.
- On the "Implied Rules" section, uncheck the "Accept VPN-1 & Firewall-1
Control connections".
- Click OK to apply the settings and push the policy on your Firewalls.
- Stop and Start the FW-1 services.
- Create your own "Cotrol connection rules".
- Install the policy.

For more information see the Firewall-1 Admin Guide.

Cheers,


Serge

-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Monday, January 07, 2002 3:27 AM
To: [email protected]
Subject: [FW-1] Rule 0


Hello all and Happy New Year

I am a newbie . . . running FW1, 4.1 on a NT Server 4.0 SP6.
I notice in my logs certain tcp packets are being rejected by Rule 0
(zero)
but I did not create such a rule and cannot find it in my Policy Editor.
How can I see / find out about this rule?  The checkpoint web site has not
helped.
TIA
Hadrian
--




__________________________________________________________________
Your favorite stores, helpful shopping tools and great gift ideas.
Experience the convenience of buying online with Shop@Netscape!
http://shopnow.netscape.com/

Get your own FREE, personal Netscape Mail account today at
http://webmail.netscape.com/

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.