Yes, adding a workstation object with 255.255.255.255 to the antispoof group
will help you. And perhaps you need another object with 0.0.0.0
Olav
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 15, 2001 11:10 PM
> To: [EMAIL PROTECTED]
> Subject: [FW1] Antispoofing and bootp
>
>
>
>
>
> I am having some antispoofing configuration problems.
> CPMAD keeps on getting ativated by bootp reguests.
> When I look in the Check Point Logviewer I see this:
>
> Service: bootp
> Source: (blank)
> Destination: 255.255.255.255
> Proto: udp
> Rule: 0
> S_Port: 68
>
> I am running Check Point v4.1 sp3
> I have configured and enable CPMAD.
> I have 4 network cards installed and have configured this
> under the Interface
> properties->Security
> under Valid Address
>
> Internet adapter El90x1 - Others
> DMZ01 El90x2 - Others
> DMZ02 El90x3 - Others
> Internal LAN El90x4 - Specific->AntiSpoof-Group
>
>
> The Antispoof group consists of my two internal networks.
> I'm also running DHCP in my internal network.
>
> My question is do I have to create a Network object of
> 255.255.255.255 and place
> it in the AntiSpoof group?
> Will this stop the CPMAD from activating?
>
>
> Thanks
>
> AC
>
>
>
>
>
> ==============================================================
> ==================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
