Hi,

How many hosts do you see when you do a "fw lichosts"? Are your hosts getting their IP addresses from a DHCP server? If so, maybe that is the problem, because every time your hosts change their IP address, the firewall is going to count each one of them.
Hope this helps,
_______________________________
Cybertech Projects
José María Gabaldón
Network Security Engineer
email: [EMAIL PROTECTED]
www.cybertech.com.ve

-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On behalf of Chanoine
Sent: Thursday, March 03, 2005 09:53 a.m.
To: [email protected]
Subject: [FW-1] RE : [FW-1] RE : [FW-1] Checkpoint licence : Count unique internal hosts

Hello,

It is actually an Express Licence. When I do a fw lichosts the hosts are only those in my own network so I'm not sure where the problem really is. After applying HFA-12 the error messages in the event manager are no longer written as 'incidents' but as 'information'.

In my security ruleset I prevent my internal hosts from accessing directly the Internet, they must pass through the proxy server which is in the DMZ. I have rules like this :

Any ->proxy->http/https/ftp/smtp - accept
Proxy->any->http/https/ftp/smtp - accept
Lan->any->any - deny

Well my network looks like this : http://img97.exs.cx:81/img97/4601/schemasimple3nl.png

If you think I should make corrections, please do so.

Thank you.

Yannick

-----Original Message-----
From: Scott Tobias [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 02, 2005 8:21 PM
To: [email protected]
Subject: Re: [FW-1] RE : [FW-1] Checkpoint licence : Count unique internal hosts

Does this firewall have an Express License ? Look at the output of the fw lichosts to try and pinpoint the problem. Do connections come directly to the DMZ and not through the external interface of the firewall ?

On Wed, 2 Mar 2005 19:22:54 +0100, Chanoine <[EMAIL PROTECTED]> wrote:
> Good evening,
>
> I'm having this problem once again, and even if at first I thought it just filled my event manager, it causes me some troubles by the way. I've been looking for a fix for this problem but I just can't find it. Could one of you show me the way?
>
> By the way you asked me if I had an external interface set, and my answer is yes. I have one NIC set as external, one for the DMZ and the last one for the LAN. Is it a possible cause, and if so is there a troubleshoot?
>
> Thanks a lot!
>
> Yannick
>
> -----Original Message-----
> From: Scott Tobias [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, January 25, 2005 10:37 PM
> To: [email protected]
> Subject: Re: [FW-1] Checkpoint licence : Count unique internal hosts
>
> There are a couple of ways to go about troubleshooting this problem
>
> fw tab -t host_table -s (amount of hosts that are counted against the license)
> fw lichosts (will give the IP addresses of the hosts it's counting)
>
> Check the release notes for HFA_12; there is a problem with how many hosts are counted. Just don't forget if you apply the hot fix do the following
> 1. cpstop
> 2. delete $FWDIR/database/fwd.h
> 3. delete $FWDIR/database/fwd.hosts
> 4. cpstart
> 5. fw tab -t host_table -x
>
> There was a fix in HFA_12 for counting broadcasts for express licensing. Do you have an external interface set ?
>
> On Tue, 25 Jan 2005 16:04:15 -0000, Neil Kemp <[EMAIL PROTECTED]> wrote:
> > From what I remember, there is a file where checkpoint stores the connections traversing the firewall.
> >
> > I have had to, in the past, and on previous versions of Checkpoint, look at this file and clear it out in order to get things running again.
> >
> > Perhaps start there.
> >
> > Cheers
> >
> > -----Original Message-----
> > From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Chanoine
> > Sent: 25 January 2005 15:57
> > To: [email protected]
> > Subject: [FW-1] Checkpoint licence : Count unique internal hosts
> >
> > Hello,
> >
> > I'm having some licence problems with my checkpoint NG55 AI.
> >
> > I have a licence for 500 internal users.
> > I have no more than ~400 unique nodes in my network. Those nodes are :
> > - servers
> > - workstations
> > - printers
> >
> > I have a message in the event manager of the Win2k server running checkpoint saying that my licence only accepts 500 internal users and that I am over this limit.
> >
> > How can it be, and how can I troubleshoot this?
> >
> > Thanks!
> >
> > Yannick
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages,
> > send an email to [EMAIL PROTECTED]
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your subscription
> > options, email [EMAIL PROTECTED]
> > =================================================
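Added example, not part of the original thread: a small Python audit of a saved counted-host listing (for instance the text saved from `fw lichosts`), which flags addresses that are not ordinary LAN or DMZ hosts, such as the subnet broadcasts and off-network addresses the replies ask about. The network ranges, function names and sample addresses are assumptions constructed for illustration, and the script only extracts IPv4 addresses from free text, so it assumes nothing about the command's exact output layout.

```python
import ipaddress
import re
from collections import Counter

# Hypothetical networks: replace with the real LAN and DMZ ranges.
INTERNAL_NETS = {
    "LAN": ipaddress.ip_network("192.168.10.0/23"),
    "DMZ": ipaddress.ip_network("192.168.50.0/24"),
}
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Constructed sample standing in for a saved host listing (not real output).
SAMPLE = ("192.168.10.15\n192.168.10.16\n192.168.11.255\n192.168.50.10\n"
          "10.20.30.40\n255.255.255.255\n192.168.10.15\n")

def extract_ips(text):
    """Return unique, valid IPv4 addresses in order of first appearance."""
    seen = {}
    for token in IPV4_RE.findall(text):
        try:
            seen.setdefault(ipaddress.ip_address(token), None)
        except ValueError:  # e.g. 999.1.1.1 matches the regex but is invalid
            continue
    return list(seen)

def classify(ip):
    """Label an address: LAN/DMZ host, subnet network/broadcast, or unexpected."""
    for name, net in INTERNAL_NETS.items():
        if ip in net:
            edge = ip in (net.network_address, net.broadcast_address)
            return f"{name}-broadcast" if edge else name
    if ip.is_multicast or str(ip) == "255.255.255.255":
        return "broadcast/multicast"
    return "outside"

def audit(text, licence_limit):
    """Summarise which counted addresses are not ordinary internal hosts."""
    ips = extract_ips(text)
    labels = {ip: classify(ip) for ip in ips}
    return {
        "total": len(ips),
        "by_class": dict(Counter(labels.values())),
        "suspects": [str(ip) for ip, lab in labels.items() if lab not in INTERNAL_NETS],
        "over_limit": len(ips) > licence_limit,
    }

if __name__ == "__main__":
    print(audit(SAMPLE, licence_limit=500))
```

Running the same audit on listings saved on different days also shows whether the set of counted addresses keeps growing while the number of physical hosts stays the same, which is the DHCP effect described in the first reply.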
