First off, thank you guys for your input so far...
Ooooooook so after reading from SecureKnowledge, it was in fact
the option for Traditional rules with encryption must be checked off, and THEN
you have to recreate your whole policy. Yay, thanks CP. Now that I've
done that BS, I am still unable to specify the External and Internal interfaces
of the Checkpoint object. It just selects External and the bottom half of the
Topology page is GREYED OUT such as the option for Internal, selecting the
network it's behind, etc. When I select "Get Topology" it
works fine, it just selects both of them as external and when I click OK, then
all packets are dropped because it's transferring packets between two
external interfaces...hence no Internet access until I remove the actual
Internal interface (which is selected as External on the topology page).
So, my question is: WHY is the option to select which
interface is Internal GREYED OUT?!?!?! Is anyone else having this much fun
today? GEEZ, with a fraggin firewall built around a GUI interface I would THINK
this whole operation would be a heck of a lot SIMPLER!
Lee Robinson
Network Administrator