RE: [FW1] FW-1 and RPC

Thu, 27 Jul 2000 05:04:52 -0700 


The exact version is 3.0b build 3083 - does this really make a difference?

Unfortunately I can't cut/paste something from the log but is looks like:
<... standard blah blah ...>|LOG|DROP|<portnumber (862 for this
session)>|<source addr>|<dest addr>|TCP|<src_port>|<translation details>|

Regards,

Jeroen


-----Original Message-----
From: Kwast, Jeroen (GNS) [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 27, 2000 1:34 PM
To: [EMAIL PROTECTED]
Subject: RE: [FW1] FW-1 and RPC



We need more info to help!

What build is your 3.0?
Give some piece of log where the connections are dropped!!

Jeroen :)



Hello,

I'm having the nasty situation that I'm forced to allow RPC traffic through
our firewall. The firewall we use is a FW-1 version 3.0 - so far I've done
the following:
- created an RPC service object with the program number set as requested
- enabled RPC control in the Policy->Properties->Services panel
- added "#define RPC_OVER_TCP" to $FWDIR/lib/base.def (according to
phoneboys FAQ)
- fwstop/start

The rule is like:
<source><destination><newly defined RPC service, UDP 111, TELNET><accept>...

Still the RPC sessions are dropped (not the portmapper, but the session
itself). Is there anything I've missed?

To be complete; we do use static address translation for this specific host.

Hope you guys can help me on this one,

Thanks and regards,

Jeroen van Dongen
Infonet-Europe



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to