Hi there, I am looking for help on a strange problem we are having with our
FireWall-1 implementation. First, we are running two FW-1 4.1 SP2 (Firewall
Only Modules) on two Sun E250s with Solaris 2.6. Our E250s are also
running Stonebeat FullCluster 2.0 in a load balancing configuration. We
are using FireWall-1's automatic destination address translation to allow
connectivity to an internal server from the Internet and correspondingly
configured the same NAT in our Stonebeat configuration. Now for our
problem: from time to time we are receiving a 'License Violation' warning
from FireWall-1 (we have a 50-node license). When we run 'fw lichosts' we
see entries listing Internet source IPs as internal hosts - we cannot
comprehend how this can be so. We referred to our FW-1 manual and verified
that we have no cabling issues (no alternate paths from the outside world to
our internal network or vice-versa!) and checked our FW-1 logs to verify if
Internet sources are arriving on our external interface. Also, we verified
that we have the correct device name specified in
$FWDIR\conf\external.if. What further compounds the problem is that it
seems that only on occasion will Internet sources be seen as internal hosts
- why? Could this have anything to do with our NATing?
I was wondering if anyone in the FireWall-1 community has experienced this
or something similar to it before - your help would be much appreciated!
Thank you.
Regards,
Sergio Di Geronimo
Network Analyst
Siemens Business Services
[EMAIL PROTECTED]