hi all, i have a FW-1 NG AI (R55) installed on a management console and in two firewall modules; are all servers with linux SPLAT O.S.; i use the SmartDashboard installed in windows xp in order access to the fw management console and to modify/apply fw security policies; the objects used are really many, and there are circa 120 objects among them, configured with public ip through the nat tab (most of them are "in hide" configuration mode, and other statically assigned as they are websites or other network services); (the network public ip range is: from xxx.xxx.xxx.128 to xxx.xxx.xxx.191 so with a subnet Mask: 255.255.255.192 ) ; all works correctly, but due to a change of the internet carrier, the public network will change within a month :| .. so, unfortunately, i will have a new(different) public network range assigned, and obviuosly i have to reflect these ip change in all natted ip objects (beyond routing and main firewall gateway object) .. in few words, i have to replace all public ips actually configured among the 120 natted objects, accordingly to a new map association (old ip<->new ip) that i will do once known the new network range; ... ..is there a way, inside SmartDashboard, to do a search/replace of the natted configured IP (i mean only those ip in the "nat tab") ? (afaik, i think no, but i wait for your confirmation..) so i thought to edit the objects_5_0.C (previously imported through ftp) manually inside my windows pc (through a text editor such as editplus) and do the search&replace occurrences of every public natted ip (that is fast), save it, and then reimport it through ftp inside the original location ($FWDIR/conf/ folder), doing a "cpstop" before reimporting it, and then followed by a "cpstart" and reinstallation of the security policies.. .. is the above procedure correct ? or i am missing something ? do you think there will be any problems doing the above procedure ? (i mean problems related to "windows" save format of the text editor..or others that i do not know) p.s.: i know (but never used) exists a check point tool "GuiDBedit.exe" to edit properly the objects_5_0.C file, but i checked in help file and i do not see any "search/replace" natted ip feature..
thanks in advance, B. Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= Scanned by Check Point Total Security Gateway.
