[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] IPSO 330 routing redirect question
Title: RE: [FW-1] IPSO 330 routing redirect question Two possible solutions: - Block the icmp-redirect messages (e.g. source (fw) -- dst (any) -- service (redirect) -- action (drop) ), such that the firewall continues to route the traffic, and build corresponding rule(s) on the firewall to allow the traffic. - Use the router as the clients' default gateway (this is a more common solution). Relying on icmp-redirects to maintain traffic flow through your internetwork is generally not considered a best practice. Hope that helps - Dan Hitchcock
The information contained in this email message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think you have received this email message in error, please email the sender at dhitchcock (at) breakwatersecurity (dot) com -----Original Message-----
Here in our office we have an IPSO 330 running Checkpoint FW-1 4.1 We have static routes that route you from one point inside our network
<LAN 1> ---------------------- <Firewall>
When LAN 1 sends a packet destined for LAN 2 and the Firewall is the
The problem we're having is using NetBIOS for this.. the Netbios
Anyone experience this with either NetBIOS (or UDP in general perhaps)
Thanks Scott J. Friedman, MCSE CCSE CCNA
=================================================
|