Robert,
the basic command is :
/sbin/arp -i eth0 -s 192.168.2.1 00:0C:99:88:EE:32 pub
You'll aslo want to add this to a startup script in
case you reboot. I use the full path on the command,
becuase the normal path may not be set up yet when you
startup script runs.
HTH,
Pete Goodridge
--- Ro
Hi,
This sounds like it's the Cisco that is doing the auto
summarizing. See iof there is a no auto-summary
command for the VPN setup on the Cisco. They use this
command for some of their routing protocols.
HTH,
Pete Goodridge
--- "Roelandts, Guy" <[EMAIL PROTECTED]> wrote:
> Martin,
>
>We
The only problem with that solution is that all your
current tcp/ip sessions on the WAN link will be
dropped by Checkpoint because they are "unknown
established TCP packets". Not a big problem for web
traffic, but pretty bad for telnet, ssh, long file
transfers, etc.
This problem goes away if yo
I've been very happy moving my boxes from Nokia over
to Linux running on Penguin Computing boxes. For the
cost of Nokia support I can have a cold swap penguin
sitting there ready to go. Also the patches for Linux
seem to come out sooner then for Nokia. If you're
used to Linux and comfortable wit
Hi,
I'm setting up a stand alone NG FP2 box on linux, that
will be used to give users access to a webserver using
Client Auth with SSL on port 443. I'm using ssl with
a verisign test certificate, and it seems to work
fine.
There's only one strangeness. When you first go the
site using the DNS
Nick,
You need to use the replacefiles rpm option with the
Checkpoint upgrades. Try using :
rpm -ivh --replacefiles CPfw1-41.4.SP4.i386.rpm
HTH,
Pete Goodridge
--- Nick White <[EMAIL PROTECTED]> wrote:
> Dear all,
>
> having the CP 4.1 installed in RH 7.0, after
> installed
> the firewal-1,i
Idan,
This strikes me as a bad idea on the face of it.
Assuming it's a good idea get a copy of winbatch. This
software allows you to write programs that fill out
windows dialog boxes, etc. I don't believe winbatch
encrypts anything so your username/password will be
sitting there in plain text.
Turn off DNS resolution under Select->Options->Resolve
addresses. It becomes usable. Of course then you can
only see ip addresses, but...
HTH,
Pete Goodridge
--- [EMAIL PROTECTED] wrote:
>
> Just seconds! Wow, that's fast. The normal situation
> here is 10 seconds to a
> few minutes before i
SR works fine for me though my AT&T cable modem. It
actually worked better than dialup, since I have a
laptop that I carry back and forth to work. I don't
have to flush my routes anymore since I'm always using
the ethernet interface all the time.
What exactly is not working, or whatever?
TH
Hi,
I've been looking at e-mail anti-virus scanning
products. Trend would be an easy choice to sell
management, but the vendor we're talking to doesn't
like using CVP, even though this is one of Trend's
selling points.
Can anyone recommend a Trend vendor in the Boston area
who has done good wo
Elliot,
I'd be really surprised if you can get Checkpoint 4.1
to work on Redhat 7.1, since 7.1 uses the new 2.4
Linux kernel. You'll have better luck with using
Redhat 7.0 which still has the 2.2 Kernel. Make sure
you get 4.1 sp3.
Sorry, I don't have a good doc link.
HTH,
Pete Goodridge
--
Ivan,
Did you remember the arp and the route?
Shouldn't you be nating to the internal IP? You also
need a rule to translate the private ip address source
going out bound:
src:10.1.1.100 dest: any service:http src:public ip
dest: same
Also make sure you test from outside the fw.
HTH,
Pete Go
Yes, it is. I know I'm using that exact model now.
You'll need to:
Use IKE for SR
Enable IPSEC passthru on the Linksys
You may also need to:
Enable UDP encapsulation on your firewall
Upgrade the firmware on the Linksys box. I'm using
firmware v1.37, Jan 03 2001
HTH,
Pete Goodridge
--- "Wi
Jan,
Between Nokia and NT I'd go with Nokia. I'd also
recommend looking into running Checkpoint on Linux.
The hardware will be cheaper, and the maintenance will
be much cheaper. I have two Checkpoint VPN-1s running
on Linux, and I'm getting ready to move 5 Nokias
running Checkpoint to Checkpo
Hi,
Phoneboy has a FAQ on running X-winodws, etc. though
SecuRemote at :
http://www.phoneboy.com/fw1/faq/0164.html
You can also find a free version of ssh at:
http://www.openssh.com/
Also, checkout VNC which is a windows/unix remote
control free product from AT&T. It has an advantage
over r
Aldofo,
No clues,just questions:
What encryption are you using, FWZ or IKE?
Is your Secure Remote PC behind a NAT device?
THX,
Pete Goodridge
--- "Cadillo, Adolfo" <[EMAIL PROTECTED]> wrote:
>
> Hello all, I am getting the securemote error every 5
> seconds. I login and
> everything works
Aeon,
I believe when you install SP2 you need to use the
--replacefiles rpm option.
HTH,
Pete Goodridge
--- Aeon <[EMAIL PROTECTED]> wrote:
> Can anybody please give me some assistance in the
> installation of CP sp3 on linux (redhat 6.2)? I've
> download sp2, and sp3 from Checkpoint's site a
Hi,
Phoneboy has a FAQ on running X-winodws though
SecuRemote at :
http://www.phoneboy.com/fw1/faq/0164.html
You can also find a free version of ssh at:
http://www.openssh.com/
Also, checkout VNC which is a windows/unix remote
control free product from AT&T. It has an advantage
over running
18 matches
Mail list logo