I will be out of the office from 25-11-2002 until 27-11-2002.
Please contact Robert Amour (x3616) or John M Gibson (x3603) for any
queries.
** HSBC's website is at www.hsbc.com **
This E-mail is confidential. It may also
Title: NG fp3 on linux and websense 4.4.1 on linux
Prashanth,
The
best recommendation is to move the Websense Server off of the FireWall to a
separate server. There are far too many things that you will need to open
up direct communications between the FireWall and the internal network in
Hello,
I¡¦m
using CheckPoint FW1 ver 4.1, and we¡¦re planning upgrade to NG-FP3, any things
I need to do before the upgrade ?
Can
the NG use 4.1¡¦s rules and objects?
Is
it just upgrade in the 4.1 version system, and I¡¦ll upgrade automatically ?
Have
you do that before (Upgrade
Hi Brandon
Have a look at the VPN.pdf doc included with the Checkpoint product CD. If you have
access to SecureKnowlegde it will pay to have a look at FP2 Users Management Guide
Cheers,
Roland
-Original Message-
From: Brandon Lynch [mailto:[EMAIL PROTECTED]]
Sent: Sunday, 24 November
Hi
Calder,
Upgrading to NG can be tricky depending on how stable your firewall is at
the moment,
Step
1 Make sure you have a good backup or a Ghost image of your existing
setup if things turns sour.
You
will have to do a fw confmerge to make the 4.1 objects work with
NG
NG
installs
Shortly:
1. BackUp old
confguration
2. Install latest
service packs for OS and CP (SP6)
3. run "Preupgrade"
verifier utility
4. preform changes,
recommened by "Preupgrade utility"
5. CleanUp log
directory
6. Obtain a license
for NG
6. Insert FP3 media
into CDROM
7. follow
instrucions
Hi,
If you are using CVP, not upgrade to FP3. It has BUG related to inspection
of large files. ( HTTP and SMTP)
Regards
Andrej
-Original Message-
From: Ramakrishnan Pillai [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 21, 2002 6:36 PM
To: [EMAIL PROTECTED]
Subject: [FW-1]
Hi
The security server is generating coredumps when you're using http 1.1 with
cvp on IPSO 3.6 FCS4 with FP3.
I'm also getting a coredump from cplmd on an almost daily basis.
Elmar van Mourik
System- Networkmanagement ZHEW
-Oorspronkelijk bericht-
Van: Andrej Skamen [mailto:[EMAIL
I was told by many people that User management was on the test , I think I
got 1 question about user managment. SO I wouldnt be surprised if their
tests are very different between each one.
Nick
- Original Message -
From: Roland Venter [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent:
It seems to be an checkpoint problem. If I disable the local policy I can connect to
the virtual and the real ip.
MAC addresses are corecct, I can connect to the virtual ip AND the real ip.
After applaying my policy, VRRP is still working correct. It is possible to ping the
real ip. If I want
Thanks for the info. RK
[EMAIL PROTECTED] 11/25/02 06:19 AM
Hi,
If you are using CVP, not upgrade to FP3. It has BUG related to
inspection
of large files. ( HTTP and SMTP)
Regards
Andrej
-Original Message-
From: Ramakrishnan Pillai [mailto:[EMAIL PROTECTED]]
Sent: Thursday,
If a
client uses a HTTP port program like KazaaHTTP, there are very few options that
you have as it will tunnel the kazaa traffic over HTTP from the clients
desktop. If you have a novice userbase, simply blocking the port of 1214 should
suffice.
access-list
101 deny tcp any any eq 1214
I'd like to suggest that for those people who are interested in
Checkpoint certification discussion, they check out this mailing group:
http://groups.yahoo.com/group/checkpointstudy/
It's a list intended specifically for the topic and has a fair amount of
activity.
T. Brian Granier - CCNA, CCSE,
Hi All,
I'm currently running Windows 2000 advanced server w/ sp2 and NG FP2
(clean install). For some reason, I'm unable to use searches in
particular websites or get AOL mail. My problem is very similar to this
Solution ID: skI2970 in checkpoints knowledge base. When using fw
monitor,
What Syngress Osbourne book are you refering to??
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED]]On Behalf Of Duda, Nick
Sent: Friday, November 22, 2002 5:38 PM
To: [EMAIL PROTECTED]
Subject: [FW-1] My CCSA exam results
Passed! Thank
If I have a VPN-1/FW-1 50u license and I have 100 pc behind the fw, what
happens to the 50 IP's that I don't have a license for?
-Devon
=
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email
Does not the VRRP menu in voyager include a checkpoint 'use vrrp address for
connection' or something like that? If yes, did you try it already?
SAM
SW-Original Message-
SWFrom: Thomas Lüthi [mailto:[EMAIL PROTECTED]]
SWSent: Montag, 25. November 2002 14:25
SWTo: [EMAIL PROTECTED]
Hi again
I have a NG FP3 and nokia IPSO3.5 in a VRRP/mc environment. When I start the firewall
with cpstart
I see the message with x.x.x.174 as the VRRP virtual ip:
delete: can't locate x.x.x.174
This message appears for all the virtual ips cofigured.
Is this a problem? Can the message be
This question was asked on the Management I course...
The answer we were given is that the FW listens to all IP packets and
builds a table of all addresses it sees on the network, even if they are
not talking to the FW (so beware NetBIOS broadcasts!), since the FW is
licensed to protect the number
Title: RE: [FW-1] License
Devon,
The firewall maintains a file of all the IP addresses it has seen on the internal network. It will only pass traffic for the 1st 50 IP's it sees. Once it sees a 51st IP address it will
a) Generate license errors into the logs
b) Any traffic for IP
CCSA
This one.
http://www.amazon.com/exec/obidos/tg/detail/-/0072194200/qid=1038238935/
sr=8-1/ref=sr_8_1/002-1371415-1582451?v=glances=booksn=507846
-Original Message-
From: Russ Aspinwall [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 25, 2002 9:39 AM
To: [EMAIL PROTECTED]
In the meantime you can get the PDF's referenced earlier in this thread.
When I spoke to a Checkpoint represntative about this 3 months ago, they
told me that the pdf documents distributed on the CD's and posted on
their web site is THE source from which the questions are made.
T. Brian Granier -
22 matches
Mail list logo