Hi guys,
I just installed Checkpoint NG on Redhat 7.2. What would be the reason for
the log below?
Feb 6 11:52:37 fw1-intface cpboot: FireWall-1: fw1 module not loaded!
please reboot or run with -driver
Thanks.
Neil
=
To set vacation, Out Of
I am having problem sending to Checkpoint mailing list.
This is a test.
Thanks.
Neil
=
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
Ok, here's the situation: 1 FW-1 NG with fw and mgmnt module on Sun Sol 2.8,
pol editor is on win client.
Back side the fw has 4 dmz (192.168.1.x,192.168.2.x, 192.168.3.x and
192.168.4.x), each has it's level of security. front side is the
FastEthernet connection to the router(121.x.x.x).
Hi all,
I have set up a Firewall system on a Nokia 440 platform with a VRRP HA
solution.
What I wonder is, how can I set up a policy server without adding another
server for the secure server solution.
Since I cannot configure a cluster object as a policy server, and
overlapping encryption
Thank's a lot... it works...
Thanks everyone
Renata
-Mensagem original-
De: Don [mailto:[EMAIL PROTECTED]]
Enviada em: quarta-feira, 6 de fevereiro de 2002 20:21
Para: [EMAIL PROTECTED]
Assunto: Re: [FW-1] Log Viewer
All columns are unhide and I cant see any log in others
Hi, again :-)
Gurus I have problems with secure smtp, with messages 554 Mailbox
unavailable., this simply no longer works. the stranger is that in log he
does not show nothing, somebody has some idea?
Firewall 4.1 and linux redhat 6.2
Regards
Marcelo Andrade Guerra
MCSE
Gerencia de Software
Hi, all!
I want to know, what's difference between gol support and gold support
plus?
What do you think?
It's a good idea contract checkpoint support?
TIA
Renata
=
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL
Hi,
I have some problems with ftp transfers. We have a FW-1(Version 4 SP5)
running on Solaris and the VirusWall from Trend Micro (Version
3.6-Build_1184) on Solaris, too. The systems are configured for CVP use. If
we start an ftp transfer it takes very long time (7min for 16MB) until the
file is
Hi all,
I have a lot of log entries like this
Action: drop
Service:diverse port higher than 1023
Source: 255.255.255.255
Dest: IP of internal Server
Proto: ICMP
Rule: 0
S_Port: 769
Info: reason: local interface address spoofing
Maybe someone can explain
I've been getting the same thing running FW1 4.1 SP4 on Windows NT4 SP6. An
occasional stop / start of the box seems to temporarily cure it, but I hae
no more idea than that at present.
Andrew Smith
Network Administrator
Wiltshire Constabulary
Tel. 01380-734034
Mob. 07740-188569
Email. [EMAIL
I'm running FW-1 Version 4.0 on NT 4.0
I currently have an internal host using a private address 192.168.1.1. I
have this host setup to use Static NAT to the external address
209.124.222.1. It appears as though the firewall is translating the port
numbers as well as the IP address. Is this
Title: RE: [FW-1] 255.255.255.255 as source IP
It are broadcasts from internal servers
Manu
-Oorspronkelijk bericht-
Van: Bergs, Martin [mailto:[EMAIL PROTECTED]]
Verzonden: donderdag 7 februari 2002 15:12
Aan: [EMAIL PROTECTED]
Onderwerp: [FW-1] 255.255.255.255 as source IP
I performed a FW LOGEXPORT on all my *.LOG files for the month of January
converting them to semi-colon (;) delimited text files (*.LOG.TXT).
The first line of each file contains the heading information for that
particular file. Has anyone noticed that these headings are different for
each log
Hi All,
Just about to upgrade the Firewall-1 version on our Nokia IP650.
Current config
IPSO 3.3
Firewall-1 4.1 SP2
We are wanting to upgrade to the latest version of IPSO and upgrade to
Firewall-1 4.1 SP5.
A couple of questions:
Should static routes be updated when IPSO is upgraded?
When
Any Ideas on what is causing this:
[LOG_CRIT] kernel: FW-1 : fw_xlate_forw_drv() - got invalid interface -1
I see this constantly on a Nokia 650 with FW4.1 SP5...
=
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL
Hi all,
I need help please.
I can't open Log Viewer, when I try appears:
can't found loggeneral.fwl
I set GUIDIR=/var/opt/CPclnt-50/conf but
don't work.
Any ideas ?
-
Sergio Muñoz Godoy
Ingeniero Civil en Informática
mailto:[EMAIL
Don, I can get a drawing together for you later today. Any particular
format you are looking for? Also, I am using Checkpoint version 4.1.
-Scott
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED]]On Behalf Of Don
Sent: Wednesday, February
Title: Message
I am relatively new
to Firewall-1 and I am having trouble getting hold of resources to help me
out.
I need to allow
WinXP clients access to our network without installing SecuRemote on them.
Can this be done?? If so where can I find information on how to do
it??
Platform
Title: RE: [FW-1] 255.255.255.255 as source IP
Seems
odd to see a port number with ICMP...
-Original Message-From: Verhaegen Manu (ICT)
[mailto:[EMAIL PROTECTED]]Sent: Thursday, February 07, 2002
9:27 AMTo:
[EMAIL PROTECTED]Subject: Re: [FW-1]
255.255.255.255 as source IP
It's a STATIC NAT. Therefore it knows to come back to the IP that I told it
to. It shouldn't have to use port translation to keep track of the
translations. I thought that was only a feature of HIDE NAT?? Thanks.
Leo Badinger
-Original Message-
From: Melcher, Andrew [mailto:[EMAIL
Thank's a lot... it works...
Glad to hear it. If you do not have it, the book Essential CheckPoint
Firewall-1 by Dameon D. Welch-Abernathy is an excellent reference to keep
around.
-Don
Thanks everyone
Renata
-Mensagem original-
De: Don [mailto:[EMAIL PROTECTED]]
Don, I can get a drawing together for you later today. Any particular
format you are looking for? Also, I am using Checkpoint version 4.1.
Any sort of basic diagram to help us troubleshoot would be appreciated.
-don
-Original Message-
From: Mailing list for discussion of
That is pretty much what I thought I was going to have to do. I just wanted
to see if there was a fix for this nonsense.
Thanks again,
Chris
-Original Message-
From: Ray Lodato [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 10:39 AM
To: [EMAIL PROTECTED]
Subject:
Stephen
Snort is a great product and you can choose to run it on
your preferred OS: Linux, Win, BSD, Solaris...
You can get support from the snort comunity for free or
commercial support from Sourcefire (www.sourcefire.com)
or Silicon Defense (www.silicondefense.com)
visit www.snort.org for Snort
Title: Message
John,
Why
not install SecureClient (free)on the WinXP clients. I had trouble
with the 4199 client but the 4188 works great.
You
can always configure the Firewall to allow traffic from the IP addresses of the
XP devices. "Not the best thing to do".
Good
Luck!
Tom
T.
Think
I just
upgraded to SP5 a couple of weeks ago and havent had any problems.
Upgraded
from FW-1 4.1 SP4 to SP5 on NT SP6a.
Cheers
-Original
Message-
From: Julio Bretín Díaz
[mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002
12:10 PM
To:
[EMAIL PROTECTED]
Subject:
I have a Checkpoint firewall on my watch that is firing off NBT traffic to
the broadcast address on its external interface even though there is *no*
rule that we can find that allows this traffic. The firewall is not using
its external IP in any hidden NAT rules, express or implied, and in fact
I had the same problem on our new IBM Thinkpads. It would work on some and
not on others. The problem is that the authentication window would not pop
up at all while dialed up to an ISP they would work over a cable modem and
Ethernet connection. The way I worked around it was to run
Hello,
Trying to include CPMAD alerts in the reports generated by the Checkpoint
reporting tool does not seem to work. I tried Checkpoint solution ID skl3528
which suggests to modify config files to also include logs of the MAD
product in the log consolidation, but it seems that consolidating
Title: RE: [FW-1] NBT-happy 4.0SP8 FW-1 on NT
Although there's a good chance that the traffic is passing on rule 0 (allow outgoing packets originating from gateway (in Policy-Properties) and you're not logging implied rules, the real issue is making that traffic stop. The Workstation and
Don, I tried to attach a visio drawing to this group, but it was rejected.
If you email me at [EMAIL PROTECTED] I will send it directly to you.
I guess I could also try to draw it in text on an email to this group? Let
me know how you want it.
-Scott
Hi gurus,
What would be the appropriate nokia checkpoint model for 1600 users?
Thanks.
Neil
=
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
where is sysprep.exe?
Phoram Mehta
Trabon Solutions
Network Engineer
Email:[EMAIL PROTECTED] mailto:Email:[EMAIL PROTECTED]
Tel: (816) 276 2500 ext: 519
-Original Message-
From: Dame, David [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 1:47 PM
To: [EMAIL PROTECTED]
What would be the appropriate nokia checkpoint model for 1600 users?
A 440 should be fine for this many users but it depends on the amount of
traffic.
Will you be doing VPN's? What does your traffic look like?
-don
=
To set vacation, Out Of
I have installed secure remote version 4199 on all of my IBM ThinkPad's T22
running XP. All of them have worked without any problems. I am using
IKE. Also I have removed the fwz service from auto starting from the
registry. This trick has solved many problems.
All of my users launch secure
Look to see if QoS is installed on the Dialup networking adaptor. If it
is, uninstall it.
Curt
-Original Message-
From: Rodriguez, Laz [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 5:44 PM
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] Securemote on Windows XP-Solution
I
We recently swapped out 2x440s for 2x650s in a failover configuration
=and it seems like we're seeing some degradation in network performance
=around 8000 connections. The kernel memory is set at 16 MB,
Connections =are set to 25000 (Default) - what types of items should we be
looking =at.
Hello
When I start the Firewall-Process (4.1 SP2) I receive following messages
Removing a GUI management lock file to allow remote management.
Where can I find this lock file because I can´t contact with the GUI to the
Management-Station.
thanks
manfred
Hi,
If an Admin is logged in with the right to write in the GUI a file called
manage.lock can be found at the Management Module in $FWDIR/tmp or in
$FWDIR/config (older versions). Removing this file will let you open the GUI
again.
Hope it helps,
best regards,
Matthias
http://www.fw-1.de
[EMAIL
Hi all I'm not able to download the attachment in yahoo/hotmail. The log shows: reason content-Disposition connections are not allowed.
Thanks in advance.
TikaDo You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
__
Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
http://greetings.yahoo.com
=
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the
Have you been able to perform a traffic dump on the firewall or internal
network?
No. We will have to go out to the CoLo and put a sniffer on the line.
However, the fw log shows the connection coming in and authenticating
successfully. It gives out the first IP address in the pool.
It also
42 matches
Mail list logo
