First off, thank you guys for your
input so far...
Ooooooook so after reading from
SecureKnowledge, it was in fact the option for Traditional rules with
encryption must be checked off, and THEN you have to recreate your whole
policy. Yay, thanks CP. Now that I've done that BS, I am still unable to
specify the External and Internal interfaces of the Checkpoint object. It just
selects External and the bottom half of the Topology page is GREYED OUT such
as the option for Internal, selecting the network it's behind, ect. When I
select "Get Topology" it works fine, it just selects both of them as external
and when I click OK, then all packets are dropped because it's transferring
packets between two external interfaces...hence no Internet access until I
remove the actual Internal interface (which is selected as External on the
topology page).
So, my question is: WHY is the
option to select which interface is Internal GREYED OUT?!?!?! Is anyone else
having this much fun today? GEEZ, with a fraggin firewall built around a GUI
interface I would THINK this whole operation would be a heck of a lot
SIMPLER!
Lee Robinson
Network
Administrator