You should edit the
spoofing settings on all interfaces.
Generally, you
should set all internal/DMZ interfaces to "This net",
and the external
interface to "Others".
If you use NAT, you
must also specify the valid (NAT) addresses for
the internal/DMZ
interfaces in the spoofing settings.
Cheers,
Anders
:)
Hello
List:
Whenever
I install my policy I get the following
message:
Warning: You are about to install the security
policy on (MY FIREWALL) without limiting the valid addresses on its interfaces
to protect from IP addresses
spoofing?
My
question is: Should I edit the
firewall's public or private interface and list the private interfaces? I have a group of my internal
interfaces already if that will help?
Thanks
in advance.
Eric
Eric M
Hanke
Senior Network
Engineer
Tempel Steel
Company
Magnetic Steel
Laminations for the Electronic and Electrical Industries
Phone (773)
250-8056
|