Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] DHCP Server and FW-1 problem

To: [email protected]
Subject: Re: [FW-1] DHCP Server and FW-1 problem
From: "Robert C. Wessel" <[email protected]>
Date: Mon, 8 Apr 2002 15:04:38 -0500
In-reply-to: <[email protected] >
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

As has been mentioned, you probably shouldn't be running a DHCP server on
your firewall.  Your firewall should be your firewall, and little or
nothing else.

That said, the only reason FW-1 should interfere with DHCP is if you have
rules preventing the traffic.  I've never done this, but you'll (at least)
need to allow UDP/67 *to* the FW, and UDP/68 *from* the FW, both on the
interfaces that you wish to provide BOOTP/DHCP services to.  Note that your
normal stealth rule will prevent any such traffic, and the rules to allow
the DHCP traffic will need to be in front of the stealth rule.

Of course, you should check your logs for drops on those ports as well.

You may have to define a custom service for those ports.

-Robert

At 11:16 AM 4/8/02 +0200, you wrote:
>I have installed FW-1 on a Win2000 server. Now I want to enable the DHCP
Server service.
>Its configured, but none of my clients can get an DHCP address.
>If I stop the FW-1 service - all my clients gets IP addresses.
>
>Is there a speciel way of configuring the FW-1 ?!
>
>
>Best Regards
>Jonas Watt Boolsen
>
>=================================================
>To set vacation, Out Of Office, or away messages,
>send an email to [email protected]
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>[email protected]
>=================================================
>

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] ISP blocking IKE
Next by Date: [FW-1] sun message
Previous by thread: [FW-1] DHCP Server and FW-1 problem
Next by thread: Re: [FW-1] DHCP Server and FW-1 problem
Index(es):
- Date
- Thread