What firmware are you on? I think 6.0.81 is the latest of the 6.0 series and
6.5 was just released. That's always a good place to start.
Ray
From: Sergio Alvarez <[EMAIL PROTECTED]>
Reply-To: Mailing list for discussion of Firewall-1
<[email protected]>
To: [email protected]
Subject: [FW-1] VPN-1 Edge issue
Date: Wed, 6 Sep 2006 12:17:58 -0600
Hello,
I have a problem with a VPN-1 Edge blocking required traffic.
That unit is being managed by a NGX R60 SmartCenter and a specific object
was created for it, my customer defined properly the topology of the Edge
and added a group to the "IPs behind this interface" configuration,
including network addresses 10.10.10.x (on the Edge internal interface) and
192.168.10.x (further insider). Also the rule base now has a rule allowing
all outbound traffic from the 192.168.10.x network and we made sure the
policy was loaded properly on the Edge box, but when outbound traffic from
the 192 network is received, bit the web interface of the Edge as well as
the SmartView Tracker show logs of dropped packets and with "attack name
Spoofed IP".
We have double checked the topology configuration many times and I just
don't understand what is going.
Does anybody have any ideas? or at least a procedure to disable spoofing
check on that box, it is located in an enterprise WAN so traffic there is
pretty safe, so it would be ok to disable it at least while finding a
solution for the issue.
Any help will be very appreciated.
Regards
--
Sergio Alvarez
(506)8301342
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
