Re: [FW-1] Anti-spoofing warning

[Bill]

Open up the network object in the policy manager.  Click on the topology tab.  "Get" all your interfaces and verify that they are correct.  Then drill down into each interface and choose from the options.  I believe they are (not necessarily in the same order or words):   --network defined by your interface configuration --a network object or group which would define all allowable networks --external interface   The anti-spoofing is used to tell the firewall what source ip addresses are valide for traffic INBOUND on the port/interface in question.  Be very careful and make sure that you are accounting for all necessary networks.  I would recommend that you log this information as well so you can "see" when something is not being allowed through and determine the cause -- right or otherwise. ----- Original Message ----- From: Ray Li To: [EMAIL PROTECTED] Sent: Tuesday, September 24, 2002 12:38 PM Subject: [FW-1] Anti-spoofing warning I notice that my Nokia firewall shows a warning that "The 2 interface is not protected by the anti-spoofing feature.  Your network may be at risk.  In the future, it is recommended that you define anti-spoofing protection before installing the Security Policy." during bootup.  I am using CheckPoint VPN Pro NG.  To fix this problem, can someone help me configure the anti-spoofing on the CheckPoint NG version.   Thanks,   Ray