I've upgraded my firewall from v4.0 sp5 to v4.1 sp1, and since
implementation, my anti-spoofing as set up for v4.0 denys access to my
dmz, both to and from.
Has there been any change in the way fw1 views antispoofing rules?
The one thing I"ve noticed, is that in the logs, an access attempt to the
dmz is first allowed by one of the policy rules (e.g. rule 22) but
immediately after, the same access attempt is blocked by rule zero.
According to the docs, anti-spoofing should block first, so it shouldn't
even get to be accepted on the rule 22...
Any ideas?
--
Howard Tencer, CCSE
Networks and Security 150 York St., Suite 700
Spectra Securities Software Toronto, ON. M5H 3S5
[EMAIL PROTECTED] (416) 368 7979
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
