Anyone know how IP's are tracked in FW1? Is it any IP address that the FW
sees going outbound (in the case of licensing the external interface).
Rob Cryan
Solutions Integration Manager
infinitespace.com
Two Westborough Business Park
Westborough, MA 01581
Office: 508.870.4714
-----Original Message-----
From: Howard Tencer [SMTP:[EMAIL PROTECTED]]
Sent: Monday, July 10, 2000 4:27 PM
To: [EMAIL PROTECTED]
Subject: [FW1] anti spoofing: changed in v4.1???
I've upgraded my firewall from v4.0 sp5 to v4.1 sp1, and since
implementation, my anti-spoofing as set up for v4.0 denys access to
my
dmz, both to and from.
Has there been any change in the way fw1 views antispoofing rules?
The one thing I"ve noticed, is that in the logs, an access attempt
to the
dmz is first allowed by one of the policy rules (e.g. rule 22) but
immediately after, the same access attempt is blocked by rule zero.
According to the docs, anti-spoofing should block first, so it
shouldn't
even get to be accepted on the rule 22...
Any ideas?
--
Howard Tencer, CCSE
Networks and Security 150 York St., Suite
700
Spectra Securities Software Toronto, ON. M5H
3S5
[EMAIL PROTECTED] (416) 368 7979
============================================================================
====
To unsubscribe from this mailing list, please see the
instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
