Hi Sun,
> It's possible to hide it but at the expense of a few things.
> Disable control connections option from the Policy/Properties. Then those
> port will be hidden. Instead you'll have to create manual rules to allow
> remote FW management and GUI connections.
I tried what you suggested but how can I make sure that FW-1 is accepting the
control services only on a specific (e.g. internal) interface?
Looks to me like after unsetting the Control Connections and restrict it to
dedicated IPs the ports are still open (as it should be).
I´d rather suggest to put a ACL on the border router so you can make sure for
some how that it´s no possible to access the FW from the internet.
Marco
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
