I have two external interfaces, one to the internet via our ISP, and a
second to an extranet site. I've a fixed set of networks for the extranet
site (which I needed for routing anyway). I'd like to refuse any traffic
from the internet link with extranet IP addresses, and allow only traffic
from the extranet site via that link. In other words, anti-spoofing for
all three "sides", not just "internal" and "external."
As far as I can tell, I can't set up the normal anti-spoofing to do that
since it just has the binary internal/external distinction.
Alternatively, if I could bind a rule to a particular interface ("apply
rule to inbound traffic on interface x only"), I could take care of this
there, but I don't know of a way to do that.
Any thoughts?
I'm running NG FP3, single gateway, 50 user, on Win2K.
TIA,
-Robert
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
