I have asked this question before with no response, so let's try it again.
External                Firewall        Internal
Client                                  resource
                       __________
                       |        |
1.2.3.4 ------> 5.6.7.8| -NAT-> |-----> 172.16.10.1
                       |________|
                   If-ext    If-int
If-ext and If-int are the interface names appearing in the log file.
I can see the following entries in the log file:
Time      Interf.  action  service  source   dest     rule    Info
10:10:10  >If-ext  accept  tcp1234  1.2.3.4  5.6.7.8  rule16  len 40
10:10:10  >If-int  drop    tcp1234  1.2.3.4  5.6.7.8  rule0   len 40
10:11:12  >If-int  drop    tcp1234  1.2.3.4  5.6.7.8  rule0   len 40
What could be the reason for these rule-0 drops incoming on the internal
interface for an external -> internal connection?
It can't be an anti-spoofing issue, because in this direction it would be
rejected and not dropped AND it would be marked as outgoing on the
internal interface (btw: 5.6.7.8 is defined as valid addr. on If-int).
Any help would be appreciated!
Thanks,
Olaf