Hi all,
My first two rules are the default:
source  dest  traffic  action
any     fw    any      deny
fw      any   any      deny
I have a scenario whereby I need to connect from the fw to one of my
internal servers. Hence I place the rule right on top of the default 2 rules
like so:
fw   <some_ip>  <specific port>  accept  # rule 1
any  fw         any              deny    # rule 2
fw   any        any              deny    # rule 3
For some reason, when I do a telnet <some_ip> <specific_port>, I get no
response. Checking the logs, rule 3 is blocking the traffic. But if I remove
rule 3, everything works and, guess what, rule 0 is allowing the traffic
through and not rule 1. Huh? I know rule 0 is some of the fw-1 properties
settings, but I removed the dangerous ones (like icmp, dns etc.) on day
one. Can any of you guys shed some light on why this is occurring??
For the record, fw-1 41 sp2 is being run. TIA.
Rgrds,
Wong.