AW: [FW1] Anti-Spoofing

Wed, 05 Jul 2000 00:56:20 -0700 


Hi Nick,
you should set the valid addresses to a group containing every netwaork
behind the corresponding interface. This group must contain the valid
addresses of every statically NATted address.

HTH

Axel Hoffmann
System Engineer
----------------------------------------------------------------------
Eckmann Datentechnik Netzwerkservice Telindus GmbH

Sylvesterallee 2
D-22525 Hamburg
----------------------------------------------------------------------
Email:  [EMAIL PROTECTED]
Tel:    (+49) 40 54706 195
Fax:    (+49) 40 54706 111
----------------------------------------------------------------------
Please visit our websites
http://www.eckmann.de
http://www.telindus.de
----------------------------------------------------------------------




-----Urspr�ngliche Nachricht-----
Von: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]Im Auftrag von
Nick Claassen
Gesendet: Mittwoch, 5. Juli 2000 09:01
An: [EMAIL PROTECTED]
Betreff: [FW1] Anti-Spoofing 



Hi all

I need some information on how to setup anti - spoofing !


On my Firewall I have four interfaces (external,DMZ,local,link)
I would like to know more about what the Valid IP Address Options means when
you 
enable spoof - tracking. I have already look at www.phoneboy.com information
on antispoofing.

For my current setup I have chosen external(our Internet link through Cisco
router ) to "Others".
The other three links sits behind the Firewall but I am not certain on what
Valid IP Address Options
to choose for them.
DMZ link to DNS server  
local link to proxy server
link link to an external network

If I choose "Any" for them, policies editor gives error !
What should these links be set to when anti-spoof tracking is enabled ?

Thanks
Niek 





============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to