Re: [FW-1] How to do a port mapping?

Yes it is: http://www.phoneboy.com/faq/0428.html Theo -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED]]On Behalf Of Jim Parker Sent: Saturday, April 20, 2002 2:07 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] How to do a port mapping? Port

Re: [FW-1] Strange messages on NG firewall

At 19:30 18.04.2002 -0700, you wrote: Hi all, I am also getting strange messages when I try to download policy to a NG FP1 firewall running on Nokia. I have recently upgraded from 4.1 SP5. the management server was already at NG FP1. when i push policy down to the firewall from the server i get

Re: [FW-1] failed to get internal_ca object

At 14:20 18.04.2002 -0400, you wrote: Every time I publish to any of my firewalls, I get a message saying add_ca_cert_hash: failed to get internal_ca object. Can someone please tell me how to fix whatever it is that may be causing this message? It started when I upgraded my Management from 4.1 SP

Re: [FW-1] SSH set-up - where?

snip Configure your ssh client to use port forwarding. Forward the CP management port on the client to the management port on the firewall. 259 on 4.1 and earlier, 18190 for NG. /snip Make that port 258 on CPFW1 4.1 = To set vacation, Out Of

[FW-1] FW NG FP1 GUI Problem on Windows2000

Hello, I'm not able to connect the GUI on a windows2000 system to the Server while I'm not logged in as administrator. I have set all admin rights to the account but I'm still not able to connect with the GUI. If I log in as administrator it works without any Problem. Is there any trick

[FW-1] Upgrading from 30b to 4.1 (Help!)

Hi All, I am new to Firewall-1 and need some basic advice. I have been charged with upgrading our existing Firewall Version 3.0b to Version 4.1. 1:Now my questions is does anyone have a a bullet point step through on how I can copy the files needed to upgrade from one to the other? Items to be

Re: [FW-1] how to drop messenger

Here you go. If you want any more, let me know. Cheers, Chris -- Yahoo Messenger Source Internal Users Destination YahooMessengerNetwork Service Any Action Drop YahooMessengerNetwork consists of the following: Workstation1:

Re: [FW-1] license issue for VPN

Does rule xx set up site to site encryption or are you trying to do SecuRemote/SecureClient VPN? If the latter, do you have a SecuRemote or SecureClient license installed? Dave Gianna, MS, CCSE, CCSI, NSA, RSA/CA Technical Sales Engineer Security Technologies Group (914) 829-7351 Westcon,

Re: [FW-1] blocking MSN Messenger

Title: blocking MSN Messenger oops, just noticed someone already answered this, pls. ignore -Original Message-From: Glenn Mabbutt [mailto:[EMAIL PROTECTED]]Sent: Monday, April 22, 2002 12:27 PMTo: [EMAIL PROTECTED]Subject: [FW-1] blocking MSN Messenger Hi, I seem to

[FW-1] Windows 2000 Active Directory and Account Management Client

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I am trying to use the account management client to access my windows 2000 AD for use with securemote. I am using FW-1 4.1 SP5 on Linux. I setup the LDAP account unit with the following dn: cn=Administrator, cn=users, dc=psudo, dc=net

Re: [FW-1] blocking MSN Messenger

Title: blocking MSN Messenger glenn, I did some research and ended up blocking 64.4.0.0/27(any port). I do think that msn servers would be spread all around but the above blocking worked for me. i m located in Kansas city, MO.this will allow all websites from Microsoft, including hotmail to be

Re: [FW-1] Problem Running Shell Scripts on Nokia

The first line of any Unix script must have the name of the program to run the script after a #! (a pound or hash mark followed by an exclaimimation mark). Always provide a full path to the program and no spaces before the #. Plain shell scripts on the Nokia would use the following first line:

Re: [FW-1] Problem Running Shell Scripts on Nokia

It is probably reporting that a command within the script is not found. If you include the script here, then we might be able to help more. If you are trying to use $FWDIR in the script, that may be the problem. The environment variables do not get carried into the scripts. You would have to

Re: [FW-1] Problem Running Shell Scripts on Nokia

Sean, The error message may not relate to the shell script per se, but the commands inside. Check and make sure you have the command shell specified on the first line (#! /bin/sh for sh). It is also generally a good idea to fully qualify the path to each executable you reference ( /bin/egrep

Re: [FW-1] 'Install' Policy editor will push

im thinking (C) -Original Message- From: Uthaya Sankar A (ESG) - CTD, Chennai. [mailto:[EMAIL PROTECTED]] Sent: Saturday, April 20, 2002 10:31 AM To: [EMAIL PROTECTED] Subject: [FW-1] 'Install' Policy editor will push what is the answer for this 'Install' from the Policy menu in

Re: [FW-1] Problem Running Shell Scripts on Nokia

Dale Fanning wrote: Sean, The error message may not relate to the shell script per se, but the commands inside. Check and make sure you have the command shell specified on the first line (#! /bin/sh for sh). It is also generally a good idea to fully qualify the path to each executable

[FW-1] VPN Problem with HTTPS

Hello all, The user puts in the address ex. http://whatever.com they are then asked to authenticate with SecureID. Once they get authenticated and try to access a link to a web page that is SSL (HTTPS) the request is dropped at the last rule. The funny thing is that the problem is only showing

Re: [FW-1] VPN Problem with HTTPS

I'm not sure if this would matter but, have you verified their proxy settings? Maybe Rogers Cable sets a proxy and it is screwing up your auth. Just a thought. Christopher Gripp Systems Engineer Axcelerant Impartiality is a pompous name for indifference, which is an elegant name for

[FW-1] Connection table question

I have a situation that occurs where a valid connection gets dropped due to no traffic after session setup. The client sends the SYN to the server. The server replies with SYN-ACK. The client sends back ACK. At this point I would expect FW-1 to insert the session in the connection table and

Re: [FW-1] NG NAT with one valid IP doesn't work

Ok for whats its worth at this point, I've tested this on IPSO 3.4.2, NG FP1 and it doesn't work for me either. It simply does not address translate. I'll do further tests tomorrow. -Original Message-From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED]]On

Re: [FW-1] Upgrading from 30b to 4.1 (Help!)

How big is the rulebase? How many objects? Personally, I think I'd start afresh... -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED]]On Behalf Of John Doyle Sent: 22 April 2002 14:17 To: [EMAIL PROTECTED] Subject: [FW-1] Upgrading from 30b to

Re: [FW-1] NG NAT with one valid IP doesn't work

Remove the Automatic rules intersection and see if it works. James -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED]] On Behalf Of Jim Parker Sent: Monday, April 22, 2002 3:49 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] NG NAT with

Re: [FW-1] NG NAT with one valid IP doesn't work

Yes tried that, didn't make any difference. Anyone else tried this? I see that 'http-mapped' is still in NG so this is one possible PAT solution however I don't see why this feature doesn't work. I'll test it on FP2 in the morning. JP -Original Message-From: Mailing list for

Re: [FW-1] NG NAT with one valid IP doesn't work

One other thing. Is the address you are trying to pat the firewall outside IP Address. If not you still need to add an arp and routes. NG will not do this for manual defined rules. James -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL