The scenario is described in the following figure:
************         ***************          ************
* IP Phone *=========* Firewall NG *==========*Gatekeeper*
************         ***************          ************
10.40.50.101  10.40.50.1         10.20.30.1   10.20.30.100
Hardware description:
- IP Phone: Ericsson Dialog 4425 IP Vision.
- Firewall: Check Point VPN-1/FireWall-1 NG with Application
Intelligence (R55) HFA_09, Hotfix 234 - Build 001.
- Gatekeeper: slot card in our MD110 (Ericsson).
The Firewall is configured ANY to ANY, so no rules are programmed.
The Firewall is installed on the SecurePlatform.
The IP Phone can register itself to the gatekeeper but it cannot make a call.
I have tried to sniff the packets on both sides (IP Phone side and gatekeeper
side) using Ethereal.
The correct exchange of packets is:
************         ***************          ************
* IP Phone *=========* Firewall NG *==========*Gatekeeper*
************         ***************          ************
10.40.50.101  10.40.50.1         10.20.30.1   10.20.30.100

  1- SYN
  ==================>
                                    2- SYN
                                    ==================>
  3- ACK
  ==================>
                                    4- ACK
                                    ==================>
                                    5- RST
                                    <==================
  6- RST
  <==================
But the firewall creates the following packets that I don't want:
7- RST
<==================
This packet is created by the firewall with the following parameters:
Source IP address: IP PHONE and NOT THE FIREWALL!!!!!!!!!!
Destination IP address: Gatekeeper (OK!)
Source MAC address: Firewall
Destination MAC address: Gatekeeper.
This TCP reset message ([RST]) is sent to the gatekeeper.
When the gatekeeper receives this message, it stops the communication with the
IP Phone.
Consequently, after a time-out, the IP Phone sends a Release Complete message.
SO, I'D LIKE TO STOP THIS RST PACKET!!!!!!!
Thank you
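
The comparison described in this message (the same traffic captured on both sides of the firewall, with one RST present only on the gatekeeper side) can be automated. This is an added example, not part of the original post: the ports, sequence numbers, record layout and function name are constructed, and it assumes no NAT or sequence-number rewriting between the two capture points.

```python
from collections import Counter
from typing import NamedTuple

class Pkt(NamedTuple):
    src: str
    dst: str
    sport: int
    dport: int
    flags: str
    seq: int

PHONE, GK = "10.40.50.101", "10.20.30.100"   # addresses from the post

def firewall_originated(phone_side, gk_side, phone_ip=PHONE, gk_ip=GK):
    """Return packets that leave the firewall on one segment without
    having entered it on the other (i.e. generated by the firewall)."""
    findings = []
    # (claimed source, capture it must enter on, capture it leaves on, label)
    for src, ingress, egress, segment in (
        (phone_ip, phone_side, gk_side, "gatekeeper side"),
        (gk_ip, gk_side, phone_side, "phone side"),
    ):
        # Multiset, so genuine retransmissions are matched one-for-one.
        seen = Counter(p for p in ingress if p.src == src)
        for p in egress:
            if p.src != src:
                continue
            if seen[p] > 0:
                seen[p] -= 1          # forwarded packet: has a counterpart
            else:
                findings.append((segment, p))  # no counterpart: injected
    return findings

# Constructed sample captures mirroring packets 1-7 in the post.
phone_capture = [
    Pkt(PHONE, GK, 1025, 1720, "SYN", 1000),   # 1
    Pkt(PHONE, GK, 1025, 1720, "ACK", 1001),   # 3
    Pkt(GK, PHONE, 1720, 1025, "RST", 5001),   # 6
]
gk_capture = [
    Pkt(PHONE, GK, 1025, 1720, "SYN", 1000),   # 2
    Pkt(PHONE, GK, 1025, 1720, "ACK", 1001),   # 4
    Pkt(GK, PHONE, 1720, 1025, "RST", 5001),   # 5
    Pkt(PHONE, GK, 1025, 1720, "RST", 1001),   # 7: only on this side
]

if __name__ == "__main__":
    for segment, pkt in firewall_originated(phone_capture, gk_capture):
        print(f"{segment}: {pkt.flags} {pkt.src} -> {pkt.dst} has no ingress counterpart")
```

A packet that the firewall drops shows up only in the ingress capture and is not reported; only packets that appear on the egress side with no matching ingress packet are flagged.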
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On
Behalf Of Reinhard Stich
Sent: Wednesday, 16 March 2005 20.09
To: [email protected]
Subject: Re: [FW-1] block traffic generated by FW-1
At 18:15 16.03.2005, you wrote:
>No.
and what traffic do you see that you don't want to see?
cheers
reinhard
>Cheers
>Claudio
>
>
>
>
>
>-----Original Message-----
>From: Mailing list for discussion of Firewall-1
>[mailto:[EMAIL PROTECTED] On Behalf Of Reinhard Stich
>Sent: Wednesday, 16 March 2005 17.27
>To: [email protected]
>Subject: Re: [FW-1] block traffic generated by FW-1
>
>hi,
>
>do you have a cluster?
>
>cheers
>reinhard
>
>At 16:31 16.03.2005, you wrote:
> >I have tried but, if I use a sniffer program (Ethereal), I note that the
> >firewall creates a new packet. This packet is not present before FW-1!
> >What can I do?
> >Thanks,
> >Claudio
> >
> >
> >
> >
> >-----Original Message-----
> >From: Mailing list for discussion of Firewall-1
> >[mailto:[EMAIL PROTECTED] On Behalf Of
> >Brockhoven, Werner
> >Sent: Wednesday, 16 March 2005 14.16
> >To: [email protected]
> >Subject: Re: [FW-1] block traffic generated by FW-1
> >
> >Hi,
> >
> >Policy, Global properties, uncheck "accept outgoing packets originating
> >from Gateway".
> >
> >-----Original Message-----
> >From: Mailing list for discussion of Firewall-1
> >[mailto:[EMAIL PROTECTED] On Behalf Of Claudio
> >Pazzaglia
> >Sent: Wednesday, March 16, 2005 11:26
> >To: [email protected]
> >Subject: [FW-1] block traffic generated by FW-1
> >
> >
> >Hi,
> >
> >Is it possible to block the traffic (packets) generated by the FW-1 NG
> >AI R55?
> >
> >Thanks
> >
> >Claudio
> >
> >
> >=================================================
> >To set vacation, Out-Of-Office, or away messages,
> >send an email to [EMAIL PROTECTED]
> >in the BODY of the email add:
> >set fw-1-mailinglist nomail
> >=================================================
> >To unsubscribe from this mailing list,
> >please see the instructions at
> >http://www.checkpoint.com/services/mailing.html
> >=================================================
> >If you have any questions on how to change your
> >subscription options, email
> >[EMAIL PROTECTED]
> >=================================================
>
>--
>Reinhard Stich ASSIST [EMAIL PROTECTED]
>Internet Security AG, 1150 Wien, Johnstrasse 29
>Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333
--
Reinhard Stich ASSIST [EMAIL PROTECTED]
Internet Security AG, 1150 Wien, Johnstrasse 29
Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333