[FW-1] Urgent: rule number is missing in SmartView Tracker.

Thu, 23 Aug 2007 14:37:23 -0700 

Provider-1 NG/AI R55 with HFA_20 on SPLAT.  Enforcement modules 
is running Active/Active with floodgate on SPLAT NG/AI R55 
with HFA_20.  

I have a simple rule on the CMA for these two enforcement modules:

Any Any DNS  Accept account
Any Any telnet Accept account
Any Any Any   Accept account

Everything is routed through the firewall.  NO NAT.

Problem is that I have a host outside the firewall performing
"telnet" to a host inside the firewall.  The connection is fine,
as verified by tcpdump, and I can see the "active" connection
in Smartview tracker. 

The problem is that under "log" of the SmartView tracker,
I do NOT see the rule # in the column section.  It shows
up as blank.  Why?  Is it a bug or what?  

The provider-1 box has 1 CMA and it running on a DELL
box with dual processor (3.2.GHz) with 16GB of memory.
The enforcement modules is a dual processor with
2GB of RAM and there is NO traffic other than the telnet
session.

The other issue I have is that I have a group-object called
"TEST" and in this object-group, I have about 20 hosts
in this TEST group-object.  I have a host object called
"pornstar_192.168.1.10" and this host object is NOT
a member of the group-object "TEST".  However, when
I perform a querry, it showed that "pornstar_192.168.1.10"
host object is part of the group object "TEST".  Why?

I repeatedly reboot the Provider-1 and the SPLAT enforcement
modules but I still have these two issues.  

Has anyone seen this before?  I can not upgrade to anymore 
new HFAs because HFA_20 is the latest for NG with AI R55.

Please help.  Thanks.

       
---------------------------------
Park yourself in front of a world of choices in alternative vehicles.
Visit the Yahoo! Auto Green Center.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================

Reply via email to