Thanks, but not: I am not trying to do URL filtering ... I am trying to allow to four servers to access only to smtp.gmail.com to send some emails a day ... Nothing more. And yes, this rules is at the end of the ruleset.
On Tue, Dec 13, 2011 at 10:53 PM, Independent IT Consultant < [email protected]> wrote: > What exactly are you trying to do? > > Domain objects work (even with cnames), but are *VERY* resource intensive. > There is *NO* caching done, so *EVERY* new session will require a new > lookup. For services like GMAIL, this may become problematic. > > This is why CP strongly advocates that any rules involving DNS objects be > placed at the end of the ruleset. > > It sounds to me like you're really trying to do a poor-man's URL > filtering. If so, quit the games and use URL filtering - either on the CP > gateway or on an internal server. The updates they made in R75.20 take it > from barely functional to absolutely kick-arse... > > > > On Tue, Dec 13, 2011 at 4:37 PM, C. L. Martinez <[email protected] > >wrote: > > > Uhmm ... It doesn't works, because smtp.gmail.com is resolved as a > > wi-in-f108.1e100.net .... Then, do I need to create another domain > object > > with 1e100.net domain?? If it yes, I prefer to use IP's, although some > > alerts are triggered ... > > > > > > > > On Tue, Dec 13, 2011 at 9:16 PM, Alexey Baltacov <[email protected] > > >wrote: > > > > > Hi. > > > > > > The domain objects are used to resolve hostnames in rules. > > > > > > It's also not recommended to use such objects in beginning of rulebase > > > because it can hardly affect the perfomance. > > > > > > In order to use it you should configure DNS servers on OS level. Please > > use > > > nearest DNS's as possible (located in LAN) > > > > > > Alexey > > > > > > On Dec 13, 2011 9:52 PM, "carlopmart" <[email protected]> wrote: > > > > > > > On Tue, 13 Dec 2011, Alexey Baltacov wrote: > > > > > > > > You should use domain object instead. > > > >> Dynamic objects used for edges dynamic policy > > > >> > > > >> > > > > Thanks Alexei, but can I use domain objects to resolve hostnames unde > > > > rules?? > > > > > > > > Thanks. > > > > > > > > --- > > > > CL Martinez > > > > carlopmart {at} gmail {d0t} com > > > > > > > > ==============================**=================== > > > > To set vacation, Out-Of-Office, or away messages, > > > > send an email to [email protected].**checkpoint.com< > > > [email protected]> > > > > in the BODY of the email add: > > > > set fw-1-mailinglist nomail > > > > ==============================**=================== > > > > To unsubscribe from this mailing list, > > > > please see the instructions at > > > > http://www.checkpoint.com/**services/mailing.html< > > > http://www.checkpoint.com/services/mailing.html> > > > > ==============================**=================== > > > > If you have any questions on how to change your > > > > subscription options, email > > > > [email protected] > > > > ==============================**=================== > > > > > > > > > > ================================================= > > > To set vacation, Out-Of-Office, or away messages, > > > send an email to [email protected] > > > in the BODY of the email add: > > > set fw-1-mailinglist nomail > > > ================================================= > > > To unsubscribe from this mailing list, > > > please see the instructions at > > > http://www.checkpoint.com/services/mailing.html > > > ================================================= > > > If you have any questions on how to change your > > > subscription options, email > > > [email protected] > > > ================================================= > > > > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [email protected] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [email protected] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
