Re: [FW-1] NG AI - comments?

[RG <robg@FW1-NOSPAMSPORTSLINE.COM>]

If you are referring to voyager https, I noticed that as well.

I had an issue where my key exchange from NGAI ( vrrp cluster ) side to
remote side was using wrong subnet mask
for extenal cluster IP.  Netmask is a /21 and it was using /31.  I had to
set user_largest_subnets to false, and this resolved my issue with the VPN
working one way, although the first time I tried it it didnt.  Weird thing
is that I had a /21 network static'ly routed and that /21 doesnt work
anymore.  I had to route two /22s    While I find it hard to believe that
changing the use largest subnet in FW-1 would affect a static route in
IPSO, it would not be the first time a checkpoint change had effects on
IPSO operating system.

-Rob

At 04:57 PM 7/8/2003 -0400, Scott Friedman wrote:
> I just upgraded one of my clients that run Dual Nokia IP 350's with a
> Secureplatform
> Management server.
>
> First thing I noticed is that HTTPS doesn't work.. I have a case with Nokia
> open
> and I wonder if anyone else has seen this.
>
> Also, at two different installs I have enabled Peer-to-Peer blocking, and
> AIM
> and Yahoo IM still work just fine...
>
> That's my thoughts for now..
>
> Scott
>
> -----Original Message-----
> From: Aaron.Reynolds@FRANKLINCOVEY.COM
> [mailto:Aaron.Reynolds@FRANKLINCOVEY.COM]
> Sent: Tuesday, July 08, 2003 2:27 PM
> To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
> Subject: [FW-1] NG AI - comments?
>
>
> I have not seen a lot of comments on NG AI since its release.  Is this
> because it is stable or because people are not willing to move to it yet?  I
> am wanting to upgrade to NG and FP3 looks fairly stable at this point, but
> why go through the hassle, if AI is out now?  What are other 4.1 folks
> planning?
>
> -Aaron
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV@amadeus.us.checkpoint.com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner@ts.checkpoint.com
> =================================================
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV@amadeus.us.checkpoint.com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner@ts.checkpoint.com
> =================================================

Robert Geller, CCSA, CCSE
Sportsline Network Operations
2200 West Cypress Creek Rd.
Fort Lauderdale, Florida 33309

AIM: rg1454bb  ICQ: 451690
http://cbs.sportsline.com

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV@amadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================