On Wed, Aug 29, 2007 at 08:35:38AM +0100, Andy Smith wrote:
[snip]
> Is there any way of 'inserting' a rule between two existing rules?
Yah, the policy editor :> However, I can't see it in dbedit.
Actually if you're feeling brave, stop the management server, rm the
appropriate .W (or move it if y
On Mon, Aug 20, 2007 at 11:41:09AM +0100, Jon Spriggs wrote:
> Hi All,
>
> I'm in the process of migrating from a Juniper Netscreen to Checkpoint, and
> I'd like to make the translation as easy as possible.
>
> I've already used the ofiller tool to create the objects which were on the
> Netscreen
On Wed, May 02, 2007 at 05:13:43AM -0700, cisco4ng wrote:
> Hi all,
>
> I have Provider-1 NG Feature Pack 3 with HFA-318 running on Solaris 9. I have
> 2 P-1 Managers 4 P-1 Containers with about 250 CMAs spreading across the
> 4 containers. NO H/A CMAs.
>
> Every now and then, one of the CMAs
On Wed, Jun 28, 2006 at 04:42:59PM +1000, Dahate, Pramod, VF-AU wrote:
> Hi
> I would like to authenticate my Provider-1 Administrators using SecureID
> tokens. Can anyone advice me the procedure or KB regarding this
> including if any files require to be modified etc.
> Thanks in advance
>
I can
On Wed, Feb 01, 2006 at 06:03:46PM -0600, Harold Rugama C wrote:
> Hi to All,
>
> It's a pleasure to write to all of you for assistance. I've been checking
> something strange with Nokia box, when I check the disk usage of the FW1,
> something really strange happen. Below you will see the actual d
On Thu, Nov 17, 2005 at 04:27:18PM +, Neil Kemp wrote:
> Are you sure it is a UDP connection ? I think, although cant check at the
> moment, that it is a TCP connection.
>
Having set up many a Remote Desktop rule, I can confirm that you are indeed
correct here. 3389/tcp is all you need, though
On Mon, Nov 14, 2005 at 03:00:44PM -0500, Prekop, Joe Jr. wrote:
> I am trying to setup a site to site VPN between our firewall (NG R55) and a
> Watchguard v60 device. I have setup a star VPN community with our firewall
> as the central gateway and the Watchguard v60 as the satellite gateway.
> Th
On Fri, Aug 26, 2005 at 01:06:57PM +1000, Ian Harris wrote:
> Does anyone have issues with using secureclient and a Netgear DG834g wireless
> router... or for that matter wireless routers in general
>
> The client has tried setting up ANY --> ANY rules, but still not
> connecting...
> Not even
On Sat, Aug 20, 2005 at 11:19:23PM -0500, Alan Choyna wrote:
> Caused by having to many log files to back up, even though the drives
> and partitions were less than 20% full.
>
> Removed half of my logs, and the problem went away.
>
> Thanks to my Checkpoint support for the solution (even though
On Thu, Aug 04, 2005 at 11:37:55PM +0800, Steven Leow wrote:
> Hi,
>
> I add a client into the rsa server. When i wanted to copy the sdconf.rec
> file to the firewall, the date/time stamp of the file is not updated. Is
> that the way it is?
>
sdconf.rec is not touched (only read) by the firewal
On Thu, Aug 04, 2005 at 10:35:33AM -0700, cisco4ng wrote:
> Here are the steps:
>
> 1) on the linux client machine, log into it with your account. After run
> "ssh-keygen -t rsa", or "ssh-keygen -t dsa", follow the instruction but do
> NOT enter any passphrase,
This isn't going to be necessary
On Fri, Jul 08, 2005 at 10:10:26AM -0400, Brian Anderson wrote:
> I've got 12 Nokia firewall clusters running NG AI R55 scattered around the
> world. I have two management servers (primary and backup) and a
> consolidated log module (CLM) where all of my logs go for each of the 12
> firewall c
On Mon, Jun 27, 2005 at 10:26:52AM -0400, Quick, Richard A. wrote:
> I sync my windows management with NTP from my DC and have (4) Nokia's
> looking at the management for time. Does solaris support NTP?
>
It does.
man xntpd
The above will go into far more detail than you need, so... As you have
On Mon, Jun 13, 2005 at 02:02:08PM -0400, David Strom wrote:
> Then, we can't use SC... there was an earlier suggestion that we *could*
> use a range of IPs within our LAN subnet... All our internal Solaris
> servers use TCP wrappers to only accept connections from our internal
> network only, t
On Fri, Jun 10, 2005 at 12:18:03PM -0700, Venkatesh Sagaru wrote:
> Hi,
>
> Can any one tell me the command to find out active VPN tunnels in
> checkpoint 4.1?
>
> In NG, checkpoint has command "PN TUNNELUTIL" which helps in controlling
> the vpn tunnels. I am looking at equivalent command in che
On Thu, May 26, 2005 at 05:48:41PM -0400, Michael Robare wrote:
> Hi All - I don't remember if I ever posted this question or not.
>
> We have two Nokia IP500's running software release: 3.6FCS6 and ver:1061-2003
>
> I don't know much about these boxes (a consultant install) - just enough to
> be
On Tue, May 17, 2005 at 05:29:31PM +0200, Sébastien Cantos wrote:
> Hi,
>
> I'm running NG FP3 and Cluster XL (multicast mode) on Linux platform. I've
> something setup like this :
>
> WANNET1 NET2
> --- FW --- BIGIP (load balancer) --- FTPD
>
> I've a problem with active F
On Sat, May 14, 2005 at 01:06:03PM +0400, Gareeva Julia wrote:
> Hello!
>
> There is next problem. We have SecurePlatform, R55, HFA_12, HFA_13 or HFA_14
> (with HFA_11 this problem does not exist) and in SmartView Monitor we wish
> to create Suspicious Activity Rule. In window Block Suspicious Ac
On Tue, May 03, 2005 at 05:48:54AM -0700, cisco4ng wrote:
> my bad. I did see:
>
> Saving old bootmgr.
>
> and then:
>
> Installing new bootmgr.
Curious. After this grabs a copy of the bootmgr and md5s it, then compares
it with the hash of the new one. If they don't match it should whinge - as I
On Tue, May 03, 2005 at 04:03:38AM -0700, cisco4ng wrote:
> Hi,
> I have scripts to automate the firewall building process. First the
> firewall is installed with IPSO 3.5FCS14 mannually from boot manager.
> After that, it is run through scripts to upgrade to IPSO 3.7.1 build 004
> and Checkpoint
On Sun, May 01, 2005 at 06:11:42AM -0700, cisco4ng wrote:
> All,
>
> I have a Nokia IP650 and I install IPSO 3.5FCS14 at bootmanager from
> scratch. Later on, I install IPSO 3.7.1build004 with the following
> command: "/etc/newimage -k -R -b -l ipso.tgz". By the way ipso.tgz is IPSO
> 3.7.1build 0
On Thu, Apr 28, 2005 at 09:40:01AM +0200, Landolina Salvatore wrote:
> I had a similar problem with VPN between IP40 and R55. The trouble was
> that ESP packets outgoing from Check Point to Ip40 had a wrong SOURCE
> address. The source address of outgoing packets had the ip address of a
> INTERNAL
On Tue, Apr 26, 2005 at 10:22:58AM +0200, Sascha Picchiantano wrote:
[snip]
> 1. - allow HTTO outbound, unauthenticated, source: web cache server
> 2. - allow HTTP outbound, client auth, source: any
>
> Note that I have about 200 rules and that the two mentioned here are not
> numer 1 and 2, it's j
23 matches
Mail list logo