Re: [FW-1] Connectra secure WorkSpace

Hi, It didn't help. CheckPoint confirmed that this is some kind of bug (they got similar reports from other customers). I'm waiting for sollution and will inform you. Regards AndrejS -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Be

Re: [FW-1] HTTP Upload Problem.

If you are using some gateway with multicast interface - Layer 2 multicast -(i.e. Checkpoint Cluster XL in Multicast Mode, or other device like a router) on a switch without support for multicast ethernet frames(or a hub), then you'll have a DUPs packets because all routers devices in the same I

Re: [FW-1] nokia subinterfaces

Your big issue is really a default gateway, if you set up to tagged interfaces assigned an ip ip to each both Ip addresses will in fact work. Now where things get tricky is balancing traffic amounst the interfaces. If that is your goal it can be done but generally it is easier to set up a dyna

Re: [FW-1] nokia subinterfaces

Hi Lino, What are you trying to accomplish by using two IP addresses on the external interface? On a Nokia box, you normally would have just one IP address and use proxy ARP and static NAT for any others. Ray From: Lino Eduardo Avila Rodríguez <> Reply-To: Mailing list for disc

[FW-1] Issues Provider-1 NG Feature Pack 3 with HFA-318 running on Solaris 9

Hi everyone, Anyone still running P-1 NG Feature Pack 3 with HFA-318 on Solaris 9 in your environment? I have a P-1 distributed environment (separate Manager & Containers). Every now and then, one of the CMAs just stops working for no reason at all. In other words, the fwm p

Re: [FW-1] HTTP Upload Problem.

Hi Aman, Tell your firewall Administrator to disable "http worm catcher" and it will work. I have the same problem with http upload and I was able to upload file via http after disabling this feature. If this works, the FW administrator can tweak this option a little more without

Re: [FW-1] Installation of Policy on R55 Firewall

hi, disk full? try to delete some data and reboot the server. cheers reinhard At 00:19 21.07.2006, you wrote: Hi group Has anyone seen this error before when pushing a policy out ? Failed to create state directories for installation targets Thanks. =

[FW-1] Installation of Policy on R55 Firewall

Hi group Has anyone seen this error before when pushing a policy out ? Failed to create state directories for installation targets Thanks. = To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the e

Re: [FW-1] fw unload localhost on NGX ?

Hello, It works ! Thanks a lot for your help. Regards, Alain. -Original Message- From: Simon Kowallik [mailto:[EMAIL PROTECTED] Sent: jeudi 20 juillet 2006 22:20 To: Mailing list for discussion of Firewall-1 Cc: Lamblot, Alain Subject: Re: [FW-1] fw unload localhost on NGX ? Hi, try

Re: [FW-1] fw unload localhost on NGX ?

Hi, try the following command: # fw ctl uninstall See CheckPoint_NGX_CLI_Guide.pdf for more details. Regards, Simon Lamblot, Alain wrote: > Hello, > > I would like to unload the policy on a NGX60 module. > > When I try to use the command "fw unload localhost", I receive following > error "Unk

Re: [FW-1] fw unload localhost on NGX ?

Try fw unloadlocal -GS -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Lamblot, Alain Sent: Thursday, July 20, 2006 3:42 PM To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM Subject: [FW-1] fw unload localhost on NGX ? Hello, I woul

Re: [FW-1] fw unload localhost on NGX ?

The command is now "fw unloadlocal" Vincent -Message d'origine- De : Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] De la part de Lamblot, Alain Envoyé : 20 juillet 2006 15:42 À : FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM Objet : [FW-1] fw unload localhost on NGX

Re: [FW-1] fw unload localhost on NGX ?

Alain: Try fw unloadlocal -Brandon On 7/20/06, Lamblot, Alain <[EMAIL PROTECTED]> wrote: Hello, I would like to unload the policy on a NGX60 module. When I try to use the command "fw unload localhost", I receive following error "Unknown command localhost Can someone tell me if the command

Re: [FW-1] fw unload localhost on NGX ?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 the command is "fw unloadlocal" like in NG. Saludos, Alvaro Gastambide Lamblot, Alain wrote: > Hello, > > I would like to unload the policy on a NGX60 module. > > When I try to use the command "fw unload localhost", I receive following > error

[FW-1] fw unload localhost on NGX ?

Hello, I would like to unload the policy on a NGX60 module. When I try to use the command "fw unload localhost", I receive following error "Unknown command localhost Can someone tell me if the command has been replaced or removed since NGX ? <-- FW[admin]# fw stat HOST POLICY DATE

[FW-1] nokia subinterfaces

Hi all! I have a this issue. The nokia is configured with two IP address in the same external interface, the problem is that when it reboots, the outgoing IP is one IP but after a reboot it takes the other IP, actually, it alternates the outgoing IP and I don't know how to configure it to use o

[FW-1] HTTP Upload Problem.

Hello everyone, I am not directly an administrator for checkpoint FW-1 at our institution, but we are experiencing problems with HTTP file uploads of significant sizes (say over 1Megs). I am asking this question in order to be better prepared and help the administrators fix this problem. Every ti

Re: [FW-1] site to site vpn one firewall has an internal ip address in the General screen of firewall object

Thanks to everyone for their replies. I think we will just go ahead and give the General Tab the external IP. Jeremy Lieb CCSE-NG CCSE+NG Firewall Administrator Open Text Corporation 100 Tri-State Int'l Pkwy Third Floor Lincolnshire, IL 60069 18472679330 ext 4395 -Original Message- F

Re: [FW-1] site to site vpn one firewall has an internal ip address in the General screen of firewall object

Our system is/was working fine with the internal IP in the general tab. Before NGX R60 I think it was because of the topology setup, the firewall knows which interface is external and which interface has the encryption domain. After R60 there is the "Link Selection" menu in the gateway proper

[FW-1] VPN via SSL configuration

We have 2 checkpoint locations, both running SPLAT NG AI R55. One location has a cluster running HFA09 (with VPN using simplified mode), the other has a stand alone gateway/management server running HFA16 (with VPN using traditional mode). When the servers were built l configured the managemen

Re: [FW-1] SmartDefense Opinion

Ray wrote: We like SmartDefense and have been using it for three years (we're on R55 now). It shows us a lot of things we never would have looked for When we switched SmartDefense on both the firewall enforcement points promptly hung - compounded with some bad advice we ended up re-installin

Re: [FW-1] stop SmartDefence on remotely managed Edge

I feel they still need to do a lot of work on these sofaware boxes. I just finised evaluating a edge box and it was ok for very basic stuff but after turning on a few security settings the box just crapped out. I could barely get a 600MB iso through. It would fail a majority of the time. To pay tha

Re: [FW-1] stop SmartDefence on remotely managed Edge

This questrion might be answered faster over on the Discussion Groups of http://www.sofaware.com (lower left part of the home page). Their tech support people monitor the forums and post replies as well as it being used to user-to-user support. Ray From: Motta Corrado <[EMAIL PROTECTED]> Rep

Re: [FW-1] SmartDefense Opinion

We like SmartDefense and have been using it for three years (we're on R55 now). It shows us a lot of things we never would have looked for specifically. The ability to enforce standards, like no binary in HTTP headers as well as the ability of SmartDefense to block many peer-to-peer programs is

[FW-1] 2 Router to Extrern on 1 Gateway

Hey, we got a second leased line to the internet and plan to connect it to our VPN-1-Gateway R60. Which licenses i need? On which IP i have to out my license? Which way your prefer? We are using some SecureClient´s and another SecurePlatform-Gateway. Regards, Dirk

[FW-1] stop SmartDefence on remotely managed Edge

Hi Gurus. Situation: -- Central managed CP on Splat R61 Remote X-edge Embedded NGX-6.0.76x SmartDefence on the R61 have this configuration in ApplicationInteligence: FTP |--> FTP security server |--> Block Port Overflow turned off (not checked) |--> Bloc

Re: [FW-1] User locked

Hi Dirk, If it's an admin you're trying to unlock: try fwm unlock_admin -u "admin_id" Hope this helps... Yvonne On 7/20/06, Dirk Udo <[EMAIL PROTECTED]> wrote: Hi Eva, Thanks for your fast answer. Unfortunately I do not see the locked user. The problem is the user tried to log in with the

Re: [FW-1] User locked

hi, also a cprestart of the mgmt helps. cheers reinhard At 08:07 20.07.2006, you wrote: try to open Smartview Status with admin right, go to system status, highlight the management where you should see the user on the right panel, then go to the menu bar Tools/Disconnent Client >-Original

[FW-1] silly Cluster HA question.

Dear list, I have just setup a cluster HA gateway in my test area. I have one question(I am not sure if this is normal). In my cluster gateway, I have 2 cluster members. For example cluster1 is active and cluster2 is standby. Cluster2 can ping the Virtual IP. But cluster1 can't. is that normal? E

Re: [FW-1] User locked

Hi Eva, Thanks for your fast answer. Unfortunately I do not see the locked user. The problem is the user tried to log in with the wrong password several times and now the id is locked. Regards, Dirk. -Oorspronkelijk bericht- Van: Mailing list for discussion of Firewall-1 [mailto:[EMAIL