Re: [FW-1] Shealth rule

Alok,

Thanks for your kind advice.

In the Stealth rule, I use drop as the action. Should your suggested rule be placed above or below the Stealth rule?

Regarding your kind advice about security hole, currently I use CheckPoint GUI to manage the firewall software and telnet + browser to manage the Nokia IPSO. Do you mean I can use only the browser to manage the IPSO? I am a new administrator of firewall and I have not compared all features of these two ways. Does Nokia has similar CheckPoint GUI to manage all functions of IPSO?

Thanks,

Ray

----- Original Message -----

From: Gupta, Alok Mohan (Samtech)

To: [email protected]

Sent: Tuesday, 03 September, 2002 08:19 p

Subject: Re: [FW-1] Shealth rule

Hi Ray,

Enable the Stealth rule which should look like this:

Any Firewall Object Any Drop/Reject

Enable it by saying Accept in the Action field AND Put a rule as follows:

Telnet Machine Firewall Object Telnet Accept

But I'll advice you not to use Telnet in such a scenario (as this will open a security hole in your network) instead use the remote GUI client feature to log onto the Nokia Firewall.

Regards,

Alok Mohan Gupta

-----Original Message-----
From: Raymond Li [mailto:[email protected]]
Sent: Tuesday, September 03, 2002 3:34 PM
To: [email protected]
Subject: [FW-1] Shealth rule

I have a shealth rule as the first rule. I cannot telnet the nokia firewall. Can someone tell me if I can modify it to accept telnet within internal network or need a new rule.

Thanks,

Ray

----------------------------------------------------------------------------

The information contained in this Message is confidential and intended only for the use of the individual or entity identified. If the reader of this message is not the intended recipient, any dissemination, distribution or copying of the information contained in this message is strictly prohibited. If you received this message in error, please notify the sender immediately.