Claudio,
REMOTE_NET SAP_SERVERS 3200-3399 TCP (SAP_GW)
3600-3602 TCP (SAP_MS)
3299 (SAP_OSS)
---------------------------------------------------------------------
SAP_SERVERS REMOTE_NET 3200-3399 TCP (SAP_GW)
3600-3602 TCP (SAP_MS)
---------------------------------------------------------------------
You don't need the SAP_OSS ports unless you are connecting to SAP_OSS. I
don't know, your port numbers may not be the same either. I really don't
like the number of ports that I have to leave wide open. We have offices in
Canada, the States, and in Europe... So I have to leave it open to all of
our subnets. (but not the internet)
For users connecting via securemote, the same rules apply.
I've been using this for about a year now with no problems whatsoever.
======================================================================
Joseph Voisin, Systems Administrator, Engel Canada Inc.
www.engelmachinery.com | [EMAIL PROTECTED] | (519)836-0220 x436
PGP Fingerprint: A20B 135D 0920 074F C7FE D72D 88A7 2521 5138 DFC2
======================================================================
> -----Original Message-----
> From: Claudio Lupi [mailto:[EMAIL PROTECTED]]
> Sent: Monday, September 25, 2000 1:22 PM
> To: Fw-1-Mailinglist
> Subject: [FW1] Firewall-1 and SAP
>
>
>
> Can anyone help me writing a rule to filter SAP traffic
> between a Sap server and a SAP Client + priner
> My Chepoint Firewall-1 release is 4.1 on NT 4.0 SP6a.
>
> Thanks
> Claudio
>
>
>
> ==============================================================
> ==================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
