Change the setting under HTTP Protocol Inspection to "Configurations apply only to connections related to resources used in the Rule base"
Per the Help file: "Configurations apply only to connections related to resources used in the Rule Base ensures that the SmartDefense selectable enforcements apply only to those rules in the Rule Base that use a URI Resource with the Enforce URI capability option selected. All enforcement is done using the Security Server." -----Original Message----- From: Juan Andr�s Galav�s [mailto:[EMAIL PROTECTED] Sent: Friday, February 25, 2005 10:51 AM To: [email protected] Subject: [FW-1] SmartDefense and IM applications Hello list, I am running two Nokia IP350 modules IPSO 3.71, Firewall-1/VPN-1 NG with AI R55, and have the SmartDefense service active. I want to block IM applications for certain users, but allow them to a select group. If I enable the Application Intelligence -> HTTP Protocol Inspection -> Peer to Peer header detection for MSN, all packets are dropped (even the privilege users with an MSN access allow rule). I need to block this service (application header inspection included) to some users, but allow it to a select group. Any ideas? Thank you. Cheers! / Saludos! Juan Andr�s Galav�s ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
