Hi, > The domain objects are not a good way to be used through the rulebase for > "Source" or "Destination", they get cached and the rule will take longer to > be processed during the initial resolving. Maybe configuring a local network > DNS or even caching server on the module will make it resolve a little > faster. > You need to use "Dynamic Objects" if you want the domain names to be > resolved through the rulebase. That works.
As I know from NG-AI R55 (assuming RG55 ist a type, because I don't know of this version) "Dynamic Objects" work only with the "VPN-1 Provider". > On 10/3/05, "Berg-Olsen, Børge" <[EMAIL PROTECTED]> wrote: >> >> Gurus of the list, >> >> I have trouble understanding how the domain network objects work - or do >> they? Whenever I try to use one of these objects in the rulebase every rule >> in the rulebase seems to stop working and the firewall drops / blocks all >> traffic. First I thought it was on the account of slow DNS lookups, but it >> now I have doubts as I am doing the exact same thing on my testbed and the >> same strange thing happens there. >> >> I have created a domain network object that contains .windowsupdate.com >> which I have put as one of the last rules in the rulebase. >> >> Rule is as follows: >> >> Any | .windowsupdate.com | Any | Accept | Log >> >> Platform is Nokia IPSO 3.7.1 CheckPoint NG AI RG55 HFA#14 with a W2K >> server as the management station. >> >> What am I missing? >> >> Cheers, >> >> Børge Berg-Olsen HTH Christian ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
