[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] Any is not service any?
Title: RE: [FW-1] Any is not service any?
I am not sure why u didn't get a message in the info section of firewall log.
It specifically says that if you want to allow X11 traffic you have to add a new rule for it. In FP3 "any" does not allow X traffic.
-----Original Message-----
From: Petra Klein [mailto:[email protected]]
Sent: Thursday, January 16, 2003 5:28 AM
To: [email protected]
Subject: [FW-1] Any is not service any?
Hi,
I have encountered a weird problem and wonder if anyone has an explanation?
We have a Firewall-1 NG FP3 and a rule SIP/DIP/any/encrypt. When we tried to
connect to a service on port TCP-6001 the firewall rejected the packet on the
any-rule with no explanation, just reject...Why? The rule is service any.
The solution was to add a rule above the any-rule and explicit accept the
TCP-6001 traffic...My question is why? I know the port belongs to the TCP
service X11 (tcp port 6000-6063) but this is not X11 traffic, they just use
that port on the server.
Thanks and Regards
Petra
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
