I think that there is some confusion on the definition of "Inbound".  This
really means that the traffic is inspected as it is inbound to the gateway
not inbound to the internal network.  Outbound means inspected as it leaves
the gateway, and eitherbound inspects the traffic both inbound to the
gateway and outbound from the gateway.

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
Tim Parker
Sent: Monday, April 09, 2001 4:26 AM
To: '[EMAIL PROTECTED]'
Subject: [FW1] Inbound, Outbound, Eitherbound



I am looking for some real world experience to help me answer this question.
We are currently having licensing issues (this is due to the way that we set
up our BigIP boxes behind our FW, long story) But what is happening is that
our FW is seeing external addresses on one of the internal interfaces so it
is trying to "protect" them. Hence throwing us way over on our licenses (and
generating an aweful lot of emails to me!)

What I am thinking of trying, but this is where I need the help!, is
changing the setting from eitherbound (the default) to inbound for our
rulebase. I am curious though, if there are any other ramifications, other
than the fact that the firewall will let anything from "inside" the network
out without checking it. With stateful inspection, I should be fine, I
believe.

Any comments to my issue?

Tim Parker



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to