Nightmares with FP3 on Secureplatform, NAT doing illogical things. Rules that work on other platforms do not work on SecurePlatform. For example, a simple rule to NAT outgoing traffic from the internal LAN to external, and NAT using a specific address. In the log Viewer (haven't got into FP3 terminology yet :)) if you enable the column that shows nat rule applied, you can see that it is theoretically applying the rule, but if you look in the xlated source column, there is nothing. Static routes and arp configured correctly.
Tried FP3 on Windows 2000, had the box stop forwarding packets after 3 or 4 hours for no reason, no visible signs of any problems. Have (last night and this morning) now put FP3 on NT4 server, and so far all is good. I have a couple of site to site VPN's, some PAT and lots of static NAT (DMZ too) and it all works fine. It's a shame about FP3 Secureplatform not working on my box, I am sure that it should have. I am a CCSE so have reasonable confidence in my ability to configure it correctly. The box is a Dell Optiplex GX1 PII 450 with the onboard 3C918 (3C905b-TX compatible) and two 3C905B-TX cards. My 2c Symon -----Original Message----- From: Swart Sean - Senior Security Engineer/Instructor [mailto:[EMAIL PROTECTED]] Sent: 08 October 2002 13:41 To: [EMAIL PROTECTED] Subject: Re: [FW-1] FP3 On Solaris we had a smoot upgrade, about 5 minutes. FP2 to FP3. Only thing is that automatic ARP is on by default. Can't say we like that, so after turning that off and reinstalling policy all is running for about three weeks now. Leonardo Boulton wrote: > I'm upgrading my windows 2000 console right now... if succesfull, i'll go > for the Nokia Module. > > I'll keep you informed. > > L. > > -----Mensaje original----- > De: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED]]En nombre de Lars > Troen > Enviado el: Monday, October 07, 2002 5:22 PM > Para: [EMAIL PROTECTED] > Asunto: [FW-1] FP3 > > Any success stories yet with FP3? AFAIK it has lots of trouble on win32 > platform, but what about other platforms? > > Lars > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ######################################################################## ############# Scanned for Viruses and Content and cleared by the Webvein Mail Gateway ######################################################################## ############# ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
