Re: [FW1] anti-spoofing on aliased interfaces

Paul . Simons Fri, 29 Sep 2000 13:17:13 -0700


FW-1 ignores virtual interfaces. You need to define two network objects (
one per subnet) then create a network group with them in. Then use this
group in the anti spoofing entry of the physical interface.
Paul
--------------------------------------------------------------------------------------------

C. Paul Simons
Corporate Network Services
IHS Energy Group, Englewood, CO.

Main: +1 303 736 3000
Direct: +1 303 736 3451
Fax: +1 303 736 3860
Mobile: +1 303 748 5242


                                                                                       
                                                   
                    Lance Spitzner <[EMAIL PROTECTED]>                                
                                                   
                    Sent by:                                    To:     
[EMAIL PROTECTED]                          
                    [EMAIL PROTECTED]        cc:                    
                                                   
                    kpoint.com                                  Subject:     [FW1] 
anti-spoofing on aliased interfaces                    
                                                                                       
                                                   
                                                                                       
                                                   
                    29-09-00 12:33                                                     
                                                   
                                                                                       
                                                   
                                                                                       
                                                   





I've aliased an interface (hme0:1) on FW ver 4.1, running on Solaris.

Can one add an aliased interface to the interface objects
on a firewall?

Can one setup anti-spoofing on an aliased interface?

Last, does the aliased interface show up on the 'fw stat -li'
command?

Thanks!

--
Lance Spitzner
http://www.enteract.com/~lspitz




================================================================================

     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================





================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
Re: [FW1] anti-spoofing on aliased interfaces

Reply via email to
