Hi all

Platform: Solaris VPN-1 SP5

I have Anti-spoofing installed, but am having a few problems with the ARP/NAT'd hosts and was wondering if someone can help. Yes, I have read the phoneboy spoofing stuff, but it doesn't mention anything about ARP/NAT'd hosts.

I have a three-legged firewall (LAN/DMZ/External - subnets have been changed to protect the not-so-innocent).

External - 10.0.1.0/24
DMZ - 10.0.2.0/24
LAN - 10.0.3.0/24 (with other subnets via WAN)

According to the Phoneboy article, the Anti-Spoofing setup should be:

External - Others
DMZ - This Net
LAN - Specific (group containing all internal subnets)

Now, from what I can see, for the ARP'd/NAT'd DMZ hosts I have to change the external interface anti-spoof setup to be:

External - Others + <a group with the ARP'd/NAT'd addresses>

If so, do I include the pre-NAT or post-NAT addresses for those hosts? (i.e. is NAT done before or after the anti-spoof check?)

Any help with this would be greatly appreciated (as always!)

--
Steve
-------------------------------------------------
Steve Loughran, Network Infrastructure Manager
Sony Computer Entertainment Europe (Cambridge)
Home Page -> http://sl.scee.sony.co.uk/
Yamaha YZF1000R Thunderace
ICQ#: 12666311 (Work), 104426046 (Laptop)
Team Waste - Where do you want to go wrong today?