:: Have 3 interfaces :: :: 1) External :: 2) DMZ -with DNS and Web services :: 3) Private :: :: the external interface is set with OTHERS :: the private interface should is set with THIS NET :: :: What I am not sure of, is what to set the DMZ interface to. I think the :: other two interfaces are setup correctly... ??
The external interface should be set to OTHERS, correct. The private interface is also correct, although be sure to include any other networks that might be beneath that interface as well. The DMZ interface should be set to THIS NET as well, since that's the only network packets should be originating from. A good summary (directly from the FW-1 Policy Editor help file): A packets whose source IP address belongs to valid addresses is allowed to enter the network object through the interface. Cheers - Erick ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
