|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Service "Any" in NG FP3
Hi, If I'm right you want to export display from y.y.y.y to x.x.x.x; so you allowed X11 traffic from x.x.x.x to y.y.y.y (any services in fact). but X11 is working in a different way: first your computer x.x.x.x will "telnet" the server y.y.y.y; and after that, it will be y.y.y.y who will open the connection from him to x.x.x.x computer. That means you should autorize X11 service from y.y.y.y to x.x.x.x But maybe I misunderstood the problem.. Regards, Olivier RAFAEL [email protected] Ce message est exclusivement destiné aux personnes dont le nom figure ci-dessus. Il peut contenir des informations confidentielles dont la divulgation est à ce titre rigoureusement interdite. Dans l'hypothèse où vous avez reçu ce message par erreur, merci de le renvoyer à l'adresse e-mail ci-dessus et de détruire toute copie. This message may contain confidential and proprietary material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies. -----Message d'origine----- De : Mailing list for discussion of Firewall-1 [mailto:[email protected]]De la part de Andre Liese Envoyé : lundi 17 février 2003 09:29 À : [email protected] Objet : Re: [FW-1] Service "Any" in NG FP3 Hi Trung, CP Firewall-1 NG blocks X11 by default. You can either insert a rule above your rule explicitly allowing X11 or you can set the "reject_x11_in_any" global property to false using dbedit. I believe first way is recommended. HTH, Andre CCSE-NG > Dear CheckPoint gurus, > > In our FW policy we have 1 rule saying: > > Source IP Destination IP Service Action > > x.x.x.x y.y.y.y any Accept > > However when we tried to connect from x.x.x.x to > y.y.y.y using X11 tcp protocol it failed. I checked > the log file and it stated that X11 is not allowed > through service "* any". It also recommended to create > earlier rule that explicitly allows X11. > > I just wonder which services are NOT allow through > service "*. any" and the reason why please drop me a > line > > Thanks. > > Regards, > > Trung Nguyen > > Email: [email protected] > > __________________________________________________ > Do you Yahoo!? > Yahoo! Shopping - Send Flowers for Valentine's Day > http://shopping.yahoo.com > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > -- +++ GMX - Mail, Messaging & more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage! ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
