It's anti-spoofing.
Either disable it, or add the real IP address into the internal
anti-spoofing group.
Cheers,
Michael.
-----Original Message-----
From: Pope, David [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 02, 2001 3:59 PM
To: [EMAIL PROTECTED]
Subject: [FW1] telnet to a internal client
Hi all,
I am new to Checkpoint and am wondering how to properly set up a rule to
allow a external client to telnet to an internal NATed client.
I have given the internal box a valid external address through NAT.
I have set up a rule with the source as both the external and internal
clients and the destination as both the external and internal clients with
the service of "telnet", "accept".
In the log viewer the connection is accepted on rule 1 which is the proper
rule, but immediately after the connection is "rejected" on rule 0, same
port, same time, etc.
Is it the return packet that is being rejected?
Why do I have a "reject" on rule 0 if none of my implied rules have "reject"
in their actions?
Any help is appreciated,
Dave Pope
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
