Norman,
- Make sure you're not natting the communication between the firewall and the radius
server.
- Make both the internal nic and the licensed nic a radius client.
I have setup working configs with both FP2 and FP3 to NT4 and w2k IAS.
Lars
> -Original Message-
> From: Norman Zhang [
that needs to be changed to allow an incoming connection? Thanks
for your help.
-Aaron
-Original Message-
From: Lars Troen [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 05, 2003 2:18 AM
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] NetOP back to SecuRemote client
Aaron,
You should us
I solved it. It was caused by a missing route entry for this particular public address.
Lars
>
>
> After upgrading from 4.1 to NGfp2 we're getting this message.
> The problem is however that we have only *ONE* interface
> defined as external. It's however a static nat'ed address
> that is contacte
I have an external Mac user trying to access an ftp server, but he's not able to do
anything. We're not using the ftp security server, but it SmartDefense is triggering.
Both the client and the server are behind natted gateways. Can anyone explain what's
happening? I'm a bit sceptical on disabli
Aaron,
You should use the IP Pool NAT address or the SecureClient Pool IP if you're using
that. Works fine with vnc and NG.
Lars
> -Original Message-
> From: [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, March 04, 2003 00:29
> To: [EMAIL PROTECTED]
> Subject: [FW-1] NetOP back to SecuRemot
After upgrading from 4.1 to NGfp2 we're getting this message. The problem is however
that we have only *ONE* interface defined as external. It's however a static nat'ed
address that is contacted when this log entry appears. Anyone else seen this?
Lars
===
Manage / Services / telnet /Advanced / Session timeout
> -Original Message-
> From: Guangcheng Wen [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 05, 2003 07:44
> To: [EMAIL PROTECTED]
> Subject: [FW-1] Telnet session times out
>
>
> Hello Gurus,
> The telnet session to a FW-1(NG FP3)
I'm currently in the process of installing SecurePlatform FP2 on a compaq server. As
this box will be on a remote location I would really like to have some hardware
monitoring agents that could notify me when something is wrong. Compaq has management
agents that handles this.
I downloaded the s
What was your solution? I have now cleaned out the system and upgraded from 4.1 to
SecurePlatform FP2 instead and so far it seems stable with the upgraded rule set and
all.
Lars
> -Original Message-
> From: Christian Osterbrink [mailto:[EMAIL PROTECTED]
> Sent: Monday, February 24, 2003
It's possible to do this, but you need an addon, but it's not exactly a third party
addon as it's Checkpoint software, namely MetaIP.
Other and cheaper ways of solving this particular problem would be to use a proxy
server that could utilise transparent user authentication. Both MS Proxy/ISA S
nder if setting RADIUS on W2K/NT is
> really good
> idea. Do you need if there's a similar solution in Linux? I
> know Linux can
> hook with NT via Samba.
>
> Regards,
> Norman
>
> - Original Message -
> From: "Lars Troen" <[EMAIL PROTECTED]>
I've just installed SecurePlatform NG FP3 on a Compaq ML350 with a Smart 320 array
controller. I have two compaq dual NICs in the system. I've transferred a 4.1 rule set
and I have upgraded the old configuration using the upgrade script. Everything seemed
to work just fine. I even managed to log
ome other better
> authentication combined with RADIUS ?
> Wayne
> --- Lars Troen <[EMAIL PROTECTED]> wrote:
> > Ho Norman,
> > In w2k it's called Internet Authentication Services
> > and must be setup to allow clear text authentication
> > (chap) inste
Ho Norman,
In w2k it's called Internet Authentication Services and must be setup to allow clear
text authentication (chap) instead of MSCHAP (default setting) in order to work. But I
think it's only available on w3k server and not workstation. I think that also used to
be the case on nt4. On NT4
We have used some of these for a while now and there have been some issues, but we
opened a case with checkpoint (this was also reported here) and the issues were
resolved in firmware 3.0.32.
You should also be aware that to the client the s-box is more like securemote than
secureclient, becaus
M.,
The error log is really the dr Watson log file (drwtsn32.log). Usually located in the
winnt or system32 directory (don't remember exactly).
Lars
> -Original Message-
> From: Marc Elsen [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, February 12, 2003 14:18
> To: [EMAIL PROTECTED]
> Su
You should also beware that this will only work with IKE vpn's on firewalls that have
authenticated topology downloads.
Lars
> -Original Message-
> From: Tim Parker [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, February 12, 2003 15:28
> To: [EMAIL PROTECTED]
> Subject: Re: [FW-1] FW1 4.1
Hi Joseph!
This is indeed a hack attempt, but it's likely to originate from Nimda-infected machines.
We can still see quite some amounts of these scans on the net.
Lars
> -Original Message-
> From: Joseph LeMay [mailto:[EMAIL PROTECTED]]
> Sent: Monday, February 10, 2003 23:35
> To: [EMAIL
While trying to merge a standalone firewall's settings into an existing management
server we've encountered some problems. The management server is FP3 and the existing
modules are FP3 too. The standalone firewall is 4.1, but is going to be upgraded to
FP3 (on SecurePlatform) in this process. I
This is a w2kSP3 problem. Try downgrading to SP2 and your problem will be gone.
Lars
-Original Message-
From: MARK GRAHAM [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 06, 2003 17:32
To: [EMAIL PROTECTED]
Subject: [FW-1] Firewall stops routing after 4
Yep.
Both Securemote, SecureClient and Sofaware is working here in hybrid mode with radius
auth or s-key.
Lars
> -Original Message-
> From: Ken Cameron [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, February 05, 2003 16:10
> To: [EMAIL PROTECTED]
> Subject: [FW-1] Anybody got NG FP3 with
hanks
Ricardo Marques
-Original Message-
From: Lars Troen [mailto:[EMAIL PROTECTED]]
Sent: Friday, 31 January 2003 22:38
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] FTP
ncftp. It's included in cygwin.
Lars
-Original Messa
ncftp. It's included in cygwin.
Lars
-Original Message-
From: Marques, Ricardo [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 31, 2003 13:43
To: [EMAIL PROTECTED]
Subject: [FW-1] FTP
Does anyone know a FTP client for windows 2000 with the following characteristic
If it's the firewall database then you can edit each user and change the expiry date.
If you have many users, checkpoint has also a tool that can change the expiry date for
all the users. I'm not sure if this is available for NG.
If it's not an authentication problem (user can successfully login
Then you'll be unable to communicate with those networks on the internet that are
within this range. Only 172.16-31.x.x is reserved for internal use, the rest of the
addresses are in use on the public internet.
Lars
-Original Message-
From: Stefan Funk [mailto:[EM
The latest version on VPN210 is 4.1SP2. Newer versions of fw-1 require newer versions
of IPSO and these are not supported by the VPN210. The 210 was also delivered with 266
and 300MHz cpu's.
You might be able to install SecurePlatform on it (I haven't tried it myself) and get
NG up and running
I haven't tried vpn against netopia, but you can normally establish vpn to a private
network without any special configuration. It's part of the vpn spec to support it.
Anyhow; Netopia has a document on this for 4.1:
http://www.netopia.com/en-us/support/technotes/hardware/NIR_078.html?print=yes
Make sure you can connect to the firewall at tcp 264, tcp/udp 500 and udp 2746. Hint:
use netcat.
Also, you could enable logging in the iptables box and watch if anything is being
blocked.
Lars
-Original Message-
From: Helge Hetland [mailto:[EMAIL PROTECTED]]
Dear list!
After trying sofaware for a while some users we're now experiencing some problems. The
problems are not present all the time. It works better for some users than others and
it works for all on some occasions. We thought for a while that it was the ISP, but
all communication ports used
perties of the user
-Original Message-
From: Lars Troen [mailto:[EMAIL PROTECTED]]
Sent: 03 January 2003 22:43
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] Sofaware in the new year
I don't think so. All my licenses have an expiration date of "never".
btw,
just go to your UserCenter account, download a new SecureRemote
> license, and install it on the gateway.
>
> --Dave Dyk
>
> -Original Message-
> From: Lars Troen [mailto:[EMAIL PROTECTED]]
> Sent: Friday, January 03, 2003 6:54 AM
> To: [EMAIL PROTECTED]
> S
After turning into a new year all sofaware boxes stopped working. The external user
profile has not expired and a reboot doesn't help. Normal Securemote/SecureClient
sessions works just fine. The error message we're getting is:
reason: Refused Topology request. User unknown.
It is dropped by rul
The site information is in the userc.C file. Just take a userc.C file from an
installed sr install and replace it with the standard userc.C file in the archive.
Lars
> -Original Message-
> From: RBHATIA [mailto:[EMAIL PROTECTED]]
> Sent: Friday, December 20, 2002 18:47
> To: [EMAIL PROTE
The os might be caching the ip address. If you're using w2k you can do "ipconfig
/displaydns" to see your dns cache and the TTL for each entry.
Lars
> -Original Message-
> From: Mills, Paul [mailto:[EMAIL PROTECTED]]
> Sent: Friday, December 20, 2002 19:03
> To: [EMAIL PROTECTED]
> Subje
Aaron,
Yep. This is possible. In NG FP2/3 checkpoint also ships a tool for modifying these
settings.
Lars
-Original Message-
From:[mailto:[EMAIL PROTECTED]]
Sent: Fri 12/20/2002 12:27 AM
To: [EMAIL PROTECTED]
Cc:
Subject: [FW-1] Answer file with SecuRemote inst
Title: Secure-Remote DNS
If you're using both Secureclient with Office mode and Securemote/SecureClient without
office mode there seems to be a problem if you specify the same dns server in office
mode and on servers/securemote dns. This seems to be a problem at least for office mode
clients.
Adaptec's series of DuraLAN, Duralink, Cogent, ANA 6944 etc usually work fine.
http://www.adaptec.com/worldwide/support/suppdetail.html?prodkey=Duralink64_for_DuraLAN_NICs
You don't specify an OS though.
Lars
> -Original Message-
> From: Juan Bautista Carcavallo [mailto:[EMAIL PROTECTED
On www.sofaware.com/support it states: Safe@ firmware 2.0.39 - If you have an older
firmware you should replace it with this firmware. For the most recent 3.x firmware
update make sure you have purchased software subscription.
Ok.. The box I'm having here is 2.0.23 and it works fine. But after u
>
> Yes. it works, but you need to get the Safe@ SmartCentre Connector
> (SSC) to do it, and the SmartCenter has to be on a Windows machine,
> in standalone mode...
>
> You can download the SSC from the downloads site...
>
> HTH...
>
> - Martín.
I tried to install the SSC on our vpn-1 gateway (lim
Yes, it is.
Support for windows 2000 was introduced in 4.1SP2.
Lars
> -Original Message-
> From: X Xpid [mailto:[EMAIL PROTECTED]]
> Sent: Monday, December 09, 2002 23:01
> To: [EMAIL PROTECTED]
> Subject: [FW-1] Win2000 - Management Console - Checkpoint
> Firewall1- 4.1
>
>
> Can anyone
Sounds like you're using w2k sp3? This problem is solved by rolling back from sp3 to
sp2 on w2k.
Lars
-Original Message-
From: David Hassilev [mailto:[EMAIL PROTECTED]]
Sent: Friday, November 29, 2002 18:38
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] Memory leaks - FP3 on Win2K - problem id
Matt,
I think you should rather authenticate directly against the NDS database through
Radius. I've done this before and it works fine ;)
Lars
> -Original Message-
> From: Matt Kehler [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 28, 2002 18:53
> To: [EMAIL PROTECTED]
> Subject:
Hi!
This is a known problem and the workaround is to use Office mode. This means that you
need SecureClient licenses and must run Securemote in Connect mode.
Lars
> -Original Message-
> From: Misha Alikov [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, November 27, 2002 22:37
> To: [EMAIL
Nope.. They show up in the normal log. You can also view them by issuing the command:
"fw log -n -f|grep SmartDefense". But after doing some portscanning I can't see it in
the log. The only SmartDefense log entries I've got here is "Large ping". The log only
shows all the connection attempts fro
I guess you've tried to install an old version of securemote. Try getting the latest
version from http://www.checkpoint.com/techsupport/downloads_sr.html
Lars
-Original Message-
From: Dick Livingston [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 25, 2002 23:03
To: [EMAIL
ject: Re: [FW-1] SecuRemote DHCP
>
> I was using SecuRemote not SecureClient. What if I want my SecuRemote
> client able to access my encryption domain and other networks
> that IS in my
> encryption domain.
>
> -Devon
>
> -Original Message-
> From: Lars Troen
ant my SecuRemote
> client able to access my encryption domain and other networks
> that IS in my
> encryption domain.
>
> -Devon
>
> -Original Message-
> From: Lars Troen [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, November 13, 2002 5:49 PM
> To: [EMAIL PROTECTED
Kenneth,
You can't see anything in the log? It could be the name resolving that is defunct..
Can you connect to an internal ip address? Are you using connect mode (+office mode?)
or transparent mode?
Is the client behind a NAT device?
What version is the client?
What does the log in the Securemot
You can safely add this new license now before changing it on the nic. You will then
have two licenses installed.
Lars
> -Original Message-
> From: Chris Covington [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 18, 2002 22:24
> To: [EMAIL PROTECTED]
> Subject: [FW-1] IP move - will
No, there's not a port of FW1 to any BSD platform other than IPSO. I guess you'd
better stick with Linux or SecurePlatform.
FW1 used to support Solaris-x86, but not anymore. For x86 unix, Linux/Secureplatform
seems the only way to go now.
Lars
> -Original Message-
> From: Arno Hechenber
1. There's a checkpoint doc "VPN.pdf" with a chapter called "VPN communities" that
describes this. I guess you can find this on the Checkpoint CD.
2. Yes, you can use the account log feature on the vpn community access rule(s).
Lars
-Original Message-
From: Haim Chi
For prices you should contact your reseller, but to get some idea about prices you can
go here:
http://www.checkpoint.com/products/choice/platforms/platforms_list.html
I guess the Management Station (SmartCenter) costs approx $10-12k.
Lars
> -Original Message-
> From: Perrymon, Josh L.
d other networks
> that IS in my
> encryption domain.
>
> -Devon
>
> -Original Message-
> From: Lars Troen [mailto:Lars.Troen@;PROXYCOM.NO]
> Sent: Wednesday, November 13, 2002 5:49 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [FW-1] SecuRemote DHCP
>
> Devon,
> 1.
No, you must be having some other problem. How is performance when the card is
working? It could be a autosensing 10/100/1000 problem, but also other things.
- Is traffic from the firewall across the other interfaces working ok while the lan
interface is not working (if you initiate connections f
Devon,
1. Do you have a valid SecureClient license (Securemote is not enough)
2. Have you installed the client as a Secureclient (with desktop security) with
Office mode enabled?
3. Can you see an extra secureclient network adapter in the network config of the
client (ipconfig also shows this)?
What version of fw1+os?
W2kSP3 gives a problem like you describe below.
Lars
> -Original Message-
> From: Nor Azam Mohamed [mailto:azam@;INDIA.COM]
> Sent: Wednesday, November 13, 2002 09:58
> To: [EMAIL PROTECTED]
> Subject: [FW-1] Cannot ping to internet
>
>
> My FW checkpoint server ha
botp,
No. While securemote supports nat, it does not support proxy servers. Most vpn client
software works like this. If you want vpn through proxy servers you'd probably have to
go with the citrix "vpn" solution, Citrix Secure Gateway. The vpn traffic will go over
ssl over tcp 443 and it support
Patrick,
I have done this on several occasions with a V35 interface; using either Cisco HDLC,
PPP or Frame Relay. Make sure you're setting the correct parameters as on the other
side in order to get this working well. That is.. The other end has usual cisco
default settings while the default nok
there any Web sites have this problem too. Pls lists, let me try!
> >
> > Anyone can tell why and how to solve? I don't want to
> downgrade to FP2.
> >
> > - Original Message -
> > From: "Lars Troen" <[EMAIL PROTECTED]>
> > To: &
>
> try http://communication-market.siemens.de
>
Confirming that this site gives this error here too (FP3). I've also tested this URL
from outside the firewall and it works there. Probably the reason I've gotten some
mailing list errors lately.
I've also seen this error on some smtp and pop3 tra
Yes, there is a PDA version of Securemote available. It doesn't support Nokia, but
supports the following (taken from the readme file):
- HP Jornada 720 HandHeld series
- HP Jornada 560 Pocket PC 2002 series: 560, 565, 568 (with and without the EUU1 ROM
upgrade)
- Compaq iPAQ Pocket PC 2002 (wi
Wen,
1. If you installed the version from the FP2 CD, then you should get a newer version
from checkpoint.
2. Do you get any menus if you right click the icon in the tray?
3. Can you launch Securemote Diagnostics? It can also be launched from the start menu.
4. There should be two checkpoint servi
> Subject: Re: [FW-1] SecureRemote NG + Radius
>
>
> Where is the DHCP option for Office Mode in NG FP2? In
> 'Global Properties'
> under Remote Access/VPN, all I see is a checkbox for Office Mode.
>
> -Devon
>
> -Original Message-
> From: Lar
> -Original Message-
> From: Guangcheng Wen [mailto:wen@;BS2.QNES.NEC.CO.JP]
>
> move to the other node. Do I have to keep the time
> synchronized between
> the two nodes?
>
Yes, this is important or otherwise the state table will get out of sync. The easiest
way to do this is to use an in
X Xpid,
Make sure you're on the same service pack level on both the Management client (policy
editor) and the firewall itself. If the client has SP3, the firewall should have sp3
too. You can get the build number of the firewall by running "fw ver".
Lars
> -Original Message-
> From: X X
Michal Kolarik,
The short answer is YES. But in addition to copying in the files you must run the
command "fwm upgrade sp3". Be patient this command takes a few minutes, and it works
in the background so in order to know when it's finished you'll have to watch the
process listing.
Lars
> -
After the change of daylights saving time the one hour off problem in the log viewer
seems to be gone. I guess it'll be fine until late march then..
Lars
=
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the B
Title: Office Mode
The documentation states that the ip range must NOT be part of the encryption domain.
Also, if you're using the internal interface of the firewall, you must manually setup
the arp table to reflect this.
Lars
-Original Message-
From: Mayooran Pooranachandran [
Title: [FW-1] - SecurRemote doesn't works since ISP change
The decrypted packet will have the original ip address. If this packet's address
exists within your internal networks, you will have internal routing problems, and vpn
will not work properly.
Lars
-Original Message-
From:
Title: [FW-1] - SecurRemote doesn't works since ISP change
How is the 192.168.x.x segment routed in your internal network?
If you try to trace to the client address from your NT server, where does it go? If
it's not routed to the firewall you can solve this problem by either implementing
Message-
> From: libone mhlanga [mailto:libone@;LYCOS.COM]
> Sent: Friday, October 25, 2002 6:02 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [FW-1] SecureRemote NG + Radius
>
> Well there are three of us interested now ...i tried last
> night and failed
> to make FW1/VPN
ere are at least 2 of us interested in this information... Care to
> share any info you might have on how to go about this?
>
> Regards
> A
>
>
> -Original Message-
> From: Lars Troen [mailto:Lars.Troen@;PROXYCOM.NO]
> Sent: 24 October 2002 8:30 PM
> To: [EMAIL
e to create the users in CheckPoint?
>
> -Devon
>
> -----Original Message-
> From: Lars Troen [mailto:Lars.Troen@;PROXYCOM.NO]
> Sent: Thursday, October 24, 2002 2:30 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [FW-1] SecureRemote NG + Radius
>
> Chris,
> I have us
Chris,
I have used Microsoft Radius (IAS: NT4 / w2k AD) to authenticate users on both 4.0,
4.1 and NGFP2.
Lars
> -Original Message-
> From: Barber, Chris [mailto:cbarber@;CRITICALIP.COM]
> Sent: Thursday, October 24, 2002 18:52
> To: [EMAIL PROTECTED]
> Subject: Re: [FW-1] SecureRemote NG
Olivier RAFAEL,
Remember that if you're trying to run an X application from a server in DMZ, the server
in DMZ will try to make a connection to the X-server of the client pc on your local
LAN to display the program. To enable this you must open traffic from your DMZ into
your internal LAN, and that
Trent Libby,
I had local.arp working in FP2 (but not in FP3) and the correct placement was in the
conf directory. In FP3 "fw ctl arp" still gives correct information, but it does not
publish any arp entries.
Lars
> -Original Message-
> From: Trent Libby [mailto:trent@;SYSDYNEINC.COM]
>
[snip]
> When I tried to ping from client to LAN, I will be
> prompt to enter userid and password by SecureRemote. I
> enter username of generic* and a password from one of
> the users on the W2K(I know it sounds stupid), I
> failed to be authenticated.
>
> What are the steps i have missed?
Try usi
nk you for your help and attention
> Regards,
>
>
> Ario
>
> -Original Message-
> From: Mailing list for discussion of Firewall-1
> [mailto:FW-1-MAILINGLIST@;beethoven.us.checkpoint.com]On Behalf Of Lars
> Troen
> Sent: Wednesday, October 23, 2002 3:29 PM
> To: [E
Is your arp working? With fp3 fw ctl arp will yield the expected results, while the arp
entries are not really published. I had to use fwparp to get arp working again. To
verify this you must view the arp table of one of your external devices (a device
(usually a router) on the external nic, must
Damo,
- Do you see any traffic if you generate some ON the firewall?
- "fw ctl iflist" - Does this command show all interfaces correctly?
Lars
> -Original Message-
> From: Damien Hart [mailto:damien.hart@;CANBERRATIMES.COM.AU]
> Sent: Wednesday, October 23, 2002 06:24
> To: [EMAIL PROTECT
David,
Are you using FP3?
It's blocking X11 by default when using Any services in a rule. It's documented in the
release notes.
Lars
> -Original Message-
> From: David Espinosa [mailto:seguridad.david@;CTV-JET.COM]
> Sent: Monday, October 21, 2002 19:07
> To: [EMAIL PROTECTED]
> Subject:
XP is not supported.
http://www.checkpoint.com/products/protect/firewall-1_sysreq.html
Lars
> -Original Message-
> From: Ulrik "k3rn3lpanic" Guenther
> [mailto:k3rn3lpanic@;PLANETWOLFENSTEIN.COM]
> Sent: Monday, October 21, 2002 22:50
> To: [EMAIL PROTECTED]
> Subject: [FW-1] Newbie Quest
I don't know how much they patched the os, but running wide open is scary. You should
run a virus scan of your disk(s) ASAP. The opaserv worm might already have infected
your server through netbios. In addition there are numerous of worms infecting through
http, and I bet the example scripts are
Except if you have several users behind the same nat address. It's supposed to be
working with office mode, but we've had some problems getting it to work. A Sofaware
box would however solve this problem.
Lars
> -Original Message-
> From: Reinhard Stich [mailto:r.stich@;INTERNET-SECURIT
Neil,
- You have configured the IAS server to accept CHAP (non-encrypted) requests?
- The user you're trying to authenticate are granted dial-in access?
- You have both the licensed and the internal ip of the firewall configured as a client
in IAS?
- What does the IAS log sa
I have no technical details, but DES in software is generally considered slow.
According to this message CAST is even faster than DES in hardware:
http://lists.insecure.org/firewall-wizards/2001/Mar/0076.html
You should also consider AES as it's created with cpu load in mind.
Lars
> -Origin
I don't know how you can do it with fw1. But it's possible with PacketShaper ($$$) or
it could probably do it with snort+snortsam (or flexresp). It has already predefined
rules for most p2p programs so I guess it wouldn't be that hard to implement.
Lars
> -Original Message-
> From: Mark
Anyone tried the new L2TP feature in FP3?
Does it support the new udp encapsulation standard (for NAT traversal)?
Lars
ll give it a go. Nothing on the NT
> event log or dr
> watson log.
>
> ----- Original Message -
> From: "Lars Troen" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, October 16, 2002 1:52 PM
> Subject: Re: [FW-1] FP2 to FP3 Upgrade on W
What happens if you do a "fwm gen rulebase.W"? Does it generate a .pf file? How about
the NT Event log? And the dr watson log?
Lars
> -Original Message-
> From: Joe Bloggs [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, October 16, 2002 13:43
> To: [EMAIL PROTECTED]
> Subject: Re: [FW-1]
.
Case #03
Mail From: <[EMAIL PROTECTED]>
From: blah some
rubbish>
This causes firewall to coredump and all the mails being stuck at /etc/fw/spool
In all 3 cases, recipients are valid.
-Original Message-
From: Lars Troen [mailto:[EMAIL PROTECTED]]
Sent:
Title: Bad SMTP Header
The bad smtp header probably relates to smtp messages that are sent through a http
proxy server. This is usually spam and it will send a http request at the beginning of
the mail. I have not confirmed that this issue causes that particular message in the
smtp security
Except that the free version of safeproxy.org is not using a proxy server. It uses a
cgi script for displaying web sites. But an URI resource will block the paid version
of safeproxy.org that uses a squid proxy.
Lars
> -Original Message-
> From: Volker Tanger [mailto:[EMAIL PROTECTED]]
I haven't done anything since FP2 and it has been working for months with FP2. After
the upgrade to FP3 it suddenly stopped working and we're using traditional mode. Seems
traditional mode isn't too good on FP3... Anyone else having a FP3 vpn to a 4.1 fw?
Lars
> -Original Message-
> F
nd without aggressive mode (on both firewalls), but to
no help.
Things that stop working after a while are really annoying. :(
Lars
> -Original Message-
> From: Lars Troen
> Sent: Monday, October 14, 2002 09:27
> To: [EMAIL PROTECTED]
> Subject: Re: [FW-1] FP3 upgrade
Title: NBNAME Traffic
Curt,
This is the new W32.Opaserv worm looking for open file shares to spread through. It's
rated to category 3 by Symantec.
Lars
-Original Message-
From: Miller, Curt A. [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 14, 2002 19:52
To: [EMAIL PROTECT
Do you have a valid license for SecureClient installed on the firewall?
It won't work without one, and it's not stated too clear that a such license is needed
for getting Office Mode working.
Lars
> -Original Message-
> From: Larry Walden [mailto:[EMAIL PROTECTED]]
> Sent: Monday, Octob
In order to achieve this you can use the smtp security server. In the smtp resource
you define your smtp server's ip address under General/Mail Server. Then you make a
rule like:
Internal_lan >> Any >> SMTP->Mail_Resource >> Accept >> Long >> Any
Now all the smtp sessions will be answered by t
>
>
> Is it all hybrid mode or is it just hybrid mode with certificates?
> //Conny
>
> > -Original Message-
> > From: Mailing list for discussion of Firewall-1
> > [mailto:[EMAIL PROTECTED]]On
> > Behalf Of Lars
> > Troen
> > Sent: Monday, O
Remember that if you're using hybrid mode authentication for securemote/secureclient
you can't use the included script.
> -Original Message-
> From: Deniz CEVIK [mailto:[EMAIL PROTECTED]]
> Sent: Monday, October 14, 2002 09:09
> To: [EMAIL PROTECTED]
> Subject: [FW-1] Manual Upgrade Tool