Re: [FW-1] HFA-05 on IPSO 3.8.1 issues - "http request too long"

rmat sizes in Smart Defense all together, (setting them to zero), and turning off all HTTP header / response checking, just to prove if it's that part of Smart Defense that's causing the issue or not? -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMA

[FW-1] HFA-05 on IPSO 3.8.1 issues - "http request too long"

Hi, Since applying HFA-05 to our Nokia platforms (Running IPSO 3.8.1 Build033 & NG-AI R55 for IPSO 3.8) we are experiencing lot's of "message_info: Line in HTTP request too long" errors in the event log. (Note: I did actually upgrade IPSO from 3.8.1 Build028 just prior the HFA05 installation if

Re: [FW-1] IPSO 3.9 Anywhere??

Thanks Reinhard, I thought I was missing out on something. I think it's probably wiser to wait for it to go gold in this instance... BETA release Program "&" OS is likely pushing our luck :o( Cheers, Wayne. - Original Message - From: "Reinhard Stich" <[EMAIL PROTECTED]> To: Sent

[FW-1] IPSO 3.9 Anywhere??

Hi, Anyone know where / how to obtain IPSO 3.9 for R60 - NGX? Latest I can find on Nokia's site is 3.8.1.. Cheers Wayne. = To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: se

Re: [FW-1] Export Userbase question

iginal Message - From: "Neil Kemp" <[EMAIL PROTECTED]> To: Sent: Friday, April 22, 2005 11:21 AM Subject: Re: [FW-1] Export Userbase question Fw dbexport I believe -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf

[FW-1] Export Userbase question

Hi, Anyone know if it's possible to export the checkpoint user database complete with passwords in cleartext format? (Checkpoint NG-AI R55) Or how to get it into a format to be able to import into an LDAP server directly? Any help / pointers greatly appreciated. Wayne.

Re: [FW-1] Partially-Automatic ClientAuth - not working!!

gt; any -> http -> drop/reject, or remove the http rule from your rulebase and let your drop rule get it. Client auth only is checked if there is no other access rule, even if the client rule is above the access rule. Derek O'Flynn -Original Message- From: Mailing list for discussio

[FW-1] Partially-Automatic ClientAuth - not working!!

Hi All, I need to get partially automatic client authentication working. Without the need to manually add proxy server settings within I.E. (& without the requirement for the Session Auth agent..) I have setup the checkpoint rulebase bits as follows. [EMAIL PROTECTED] > any > any traffic > http

Re: [FW-1] Smartdefence "../" 'Url Worm'

quot;../" 'Url Worm' I had to get checkpoint to write a patch to allow some programs through the http worm catcher, we would turn all of the definitions off and it would still drop communications. if we turned off the root worm catcher it would allow communications to pass. So SmartDef

[FW-1] Smartdefence "../" 'Url Worm'

We are experiencing the very same issues when trying to browse legit business critical websites. Turning off all the Worm Patterns in Smartdefence works, but for obvious reasons, we need to know which individual pattern is blocking "../" url's so we can turn the remaining patterns back on. Any help

[FW-1] Transparent ClientAuth - Password Problem

Hi All, Not sure if you can assist me on this Client Authentication (Partially automatic) problem. I've searched high and low to no avail..:( Basically we have Nokia IP350 / 130's (& Splatform boxes) running NG-AI R55 and currently use Client Authentication with agent automatic sign on. My

Re: [FW-1] Does the Host Name and Firewall Object name should match?

Hi, As I have a Nokia running IPSO 3.8 that is obtaining it's external IP address via DHCP. (one of Telewest's cable "permanent IP" options but given via DHCP only but that's a different story!!) As it's hostname seems to be overwritten via their DHCP server too (with the ext. i/f's MAC address..)

Re: [FW-1] SmartUpdate-Get Data Problem SORTED

Wayne. - Original Message - From: "Wayne Clemit" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, August 19, 2004 10:45 PM Subject: Re: [FW-1] SmartUpdate-Get Data Problem That's the way we have it set-up with the Management / SmartUpdate on a win

Re: [FW-1] SmartUpdate-Get Data Problem

on Nokia. > The cause was related > to applying NG hotfixes to the firewall module via > SmartUpdate. In > short, we had to re-install the firewall software > and apply the hotfixes > from the command line. > > Blair. > > -Original Message- > From: Mailin

[FW-1] SmartUpdate-Get Data Problem

Hi, I have an issue with SmartUpdate's "Get Checkpoint Gateway Data" on 2 of my Nokia Gateways Checking cprid verify's OK but Fetching information from module fails (after a minute or so) with the following errors : Failed to get remote file(/opt/CPshared-R55p/tmp/test.log) as local file(C:/SUr

Re: [FW-1] Floodgate-1 on CP Express R55 NOKIA

eate a new policy package and installed the package... Hope it helps... Regards... -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Wayne Clemit Sent: Monday, July 05, 2004 11:17 PM To: [EMAIL PROTECTED] Subject: [FW-1] Floodg

[FW-1] Floodgate-1 on CP Express R55 NOKIA

Hi All, Anyone managed to get Floodgate-1 package working on a Nokia (IPSO3.8) with R55 thats been configured for CP Express (via CPCONFIG) Package installs and looks fine, but refuses to startup due to it thinking it's a management station. Unable to push (or fetch) a QOS policy to the Ga

[FW-1] SecureClient R56 multiple IP's?

Hi All, I have a problem with SR/SC R56 not wanting to connect / failing each time unless I force a Site update, then try to connect to an internal host immediately after. If I disable my additional IP address on my NIC it works fine, without any issues. (But I cannot talk to my private netwo