Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] How to make a rule to allow telnet to the firewall?

To: [email protected]
Subject: Re: [FW-1] How to make a rule to allow telnet to the firewall?
From: "<Guangcheng Wen>" <[email protected]>
Date: Thu, 22 Aug 2002 18:57:29 +0900
In-reply-to: <[email protected]>
References: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hello,

Lars.Troen> 1. disconnect firewall from external nets.
Lars.Troen> 2. issue "fw ctl uninstall" on the firewall.
Lars.Troen> 3. Now you can contact the firewall from wherever you like. Use the policy editor to recreate the lost rule.
Lars.Troen> 3. Install the policy.
Lars.Troen> 4. Reconnect external networks again.

Ok, I get the policy editor back. Thank you so much.

t-systems-fitz> maybe you have some problems with antispoofing. Make sure that the network
t-systems-fitz> 10.8.46.0 is defined as allowed network at the internal interface of your
t-systems-fitz> firewallobject. You have to define antispoofing under the topology tab of
t-systems-fitz> the firewallobject.

Thanks. But I am not sure howto define the network 10.8.46.0 as allowed
network at the inetrnal ineterface of the firewallobject.
The following description is my system and what I did.
fwlb2 is defined as a check point object which topology is as follows,
Name   Ip Address      Network Mask   IP Addresses behind interface
eri0  192.168.20.254  255.255.255.0       This Network
eri1  200.240.2.1     255.255.255.0       External

The Topology of eri0 is
Internal(leads to the local network) is selected.
Under IP Addresses behind this interface,
Network defined by the inetrface IP and Net Mask is selected.
Anti-Spoofing
Perform Anti-Spoofing based on interface topology is checked.
Spoof Tracking: Alert

As you know, I could not telnet to the firewall from any client
from the network 10.8.46.0.

A network object office is defined as,
Network adress: 10.8.46.0
Net Mask: 255.255.255.0

What should I do next?

Best regards,

--Wen

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

References:
- Re: [FW-1] How to make a rule to allow telnet to the firewall?
  - From: Lars Troen <[email protected]>

Prev by Date: Re: [FW-1] Secure Remote NG FP2 Session drops....
Next by Date: Re: [FW-1] too many internal hosts--please help
Previous by thread: Re: [FW-1] How to make a rule to allow telnet to the firewall?
Next by thread: Re: [FW-1] How to make a rule to allow telnet to the firewall?
Index(es):
- Date
- Thread