How do i test it? We only have one Provider-1.
Regards
Petra
-Original Message-
From: Torkel Mathisen [mailto:[EMAIL PROTECTED]]
Sent: den 12 februari 2003 17:15
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] Upgrading Provider-1
It should be that easy yes. I would recommend to test it
Hi,
I am running FW-1 with SP2 on a NT Server 4.0
Have created the basic rules and everything is working perfectly fine.
I want to have static NAT with automatic NAT rules enabled for a couple of
servers in the DMZ.
After reading the ocs and the articles in the web I came to know that we
Well.. That could be a problem.
I would recommend to install a new Provider-1 in lab first.
If you can't do that, you may take the risk of installing the
SP on you already existing Provider-1. If something goes wrong
you should be able to uninstall the SP.
The uninstallation procedure is
Hi
there,
I've
been trying to find a supported hardware list for SecurePlatform, withjno luck
yet.
Is
there a list of specific hardware, (servers, raid cards,
nics...)
Regards,
Andrew
The information contained in this email
Hi
the fw1rules tool allows you to export your rules and objects files to html,
xml and so on.
have a look at http://www.wyae.de/software/fw1rules/
NF
Daniel Samaan a crit:
[FW-1] 4.1 Tool to export or view all the host to IP address mappings
I'm going to build a new NG
Has anybody had experience with RAINlink software
by ZNYX ?
I wanted to knowif I could use it with RedHat
7.2(2.4.9-13) and how could we get a copy of the software to try
out.
We have a number of ZNYX ZX346Q quad-cards that
could be used in a HA configuration if this software proved to be
There are two new study guides published by Sybex that may help as well.
At 03:01 AM 2/11/2003, you wrote:
Date:Mon, 10 Feb 2003 09:19:55 -0800
From:Dyk, David [EMAIL PROTECTED]
Subject: Re: CCSA CCSE course
You should be able to just purchase the book set through your local reseller
hello,
I compiled tcpdumpx for IPSO. (tcpdump.c was written by wietse wenema).
this tool allows you to decode automatically the tcpdump -x output.
(statically compiled, size about 50 kb).
If some are interested, I'll put it on my web site.
Nicolas Figaro
I have started to test the IP30. I found the IP30 easy to setup (2 min.)
but if you want to integrate it with a Checkpoint management console it
appears to get a little more tricky. I ended up calling Nokia, Checkpoint
and Sofaware (hardware manufacture who is now part of Checkpoint) to
At 12:47 13.02.2003 +0100, you wrote:
hello,
I compiled tcpdumpx for IPSO. (tcpdump.c was written by wietse wenema).
this tool allows you to decode automatically the tcpdump -x output.
(statically compiled, size about 50 kb).
If some are interested, I'll put it on my web site.
of course this
Hello
Some time agoI started re-naming the security
policy on our firewall to reflect the dates when changes are made, i.e.,
2.10.03. Does anyone see any possible problems with this approach?
Finally, I plan on keeping around 1 to 2 weeks worth of info (previously saved
policies) around.
If you have a need for protocol header and payload analysis, why don't you use
ethereal? Its an outstanding tool and can read from quite a number of different packet
capture file formats.
Www.etherealm.com
Sami Mousa
=
To set vacation, Out Of
I can not compare the IP30 to the SOHO but I can tell you I have never had
a problem with the IP30. It is easy to set up and maintain. And I think
the VPN client works better than the windows version of the client. If
anyone needs a solution for a small office or executive management home
this
I don't know how well this works on Solaris, but try the tool at this link:
http://www.wyae.de/software/fw1rules/
you will also need perl
[EMAIL PROTECTED] 02/12/03 04:17PM
I'm going to build a new NG firewall and I don't want to do an inplace
upgrade. The existing 4.1 firewall is running on
hi,
no problem with that. if you plan to upgrade to NG the policy-name has to
start with an letter (no digits as first character).
cheers
reinhard
At 07:23 13.02.2003 -0500, you wrote:
Hello
Some time ago I started re-naming the security policy on our firewall to
reflect the dates when
Hi,
You have to change the names when you upgrade to NG, because the security
policy name cannot start with a number.
Mauricio F. Muñoz Quevedo
==
|-+--
|
I have personnally used Orinoco Silver cards and Netgear MA401's with a
lot of success.
Adam
Adam Fathauer
Senior Security Engineer
CheckFree Corporation
[EMAIL PROTECTED]
Phone: (614) 564-4428
Fax: (614) 564-3008
The #1 Way to Pay Online
http://www.checkfree.com/paybillsonline
Hi,
We had an issue when upgrading a Firewall from 4.1 to NG,
the Security policies could use a name
starting with a number but not the floodgate policies
...
Met vriendelijke groeten - Bien à vous -
Kind regards Guy
ROELANDTSEMEA GS Internet Expertise Centre - CCSE-NGHewlett-Packard
I got this list from checkpoint.
Linux Network Interface Card
drivers included in SecurePlatform NG FP2
Edition 2, and NG FP3
Listed below are the device
driver modules included with the SecurePlatform
kernel. This list provides
information on expected driver compatibility, it
does
Hi All,
First off, is there a good resource available online for the commands available in
IPSO 3.5?
Second, I am trying to run through the Phoneboy FAQ on deleting the hosts table on the
Nokia without any luck. Running the
fw tab host_table -x command
just produces this message
Please
Hello,
which version (and servicepack) of Checkpoint FW is running, when the
Buildnumber 41490 (-fw ver)is. Or where can i read this ?
Regards
Andreas
=
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the
Schade, Andreas wrote:
Hello,
which version (and servicepack) of Checkpoint FW is running, when the
Buildnumber 41490 (-fw ver)is. Or where can i read this ?
4.1 SP1
I think (according the googalized world...)
M.
Regards
Andreas
See the release notes of each service pack.
-Original Message-
From: Schade, Andreas [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 2:47 PM
To: [EMAIL PROTECTED]
Subject: [FW-1] BUILDNUMBER'S
Importance: High
Hello,
which version (and servicepack) of Checkpoint FW is
Hi. I have a customer with 4.1 SP5 Management console installed as
distributed architecture and backward compatibility on W2k server, and he
wants to manage FW-1 4.0 SP5 enforcement modules. When he tries to load the
policy into the firewalls he gets the message Too many firewalls [2] in
security
http://www.phoneboy.com/fom/fom.pl?_highlightWords=build%20numberfile=377
Can't find 41490 there though.
Regards,
Torkel
-Original Message-
From: Schade, Andreas [mailto:[EMAIL PROTECTED]]
Sent: 13. februar 2003 14:47
To: [EMAIL PROTECTED]
Subject: [FW-1] BUILDNUMBER'S
Importance:
My current setup is 4.1 SP5 Secure Clients connecting to an NG FP2
firewall, that works ok. I want to start rolling out NG FP2 Secure Clients. I'm
having a really hard time getting started. I loaded the NG client on a WinNt
workstation laptop with a working cable modem connection, after
This shows you the version numbers:
http://www.phoneboy.com/fom-serve/cache/377.html
The problem is that your version is not noted. It looks like you are 4.1 SP1 +hotfix?
Chris
-Original Message-
From: Schade, Andreas [mailto:[EMAIL PROTECTED]]
http://www.deathstar.ch/security/fw1/Licensing/FAQ0206.htm
Scott Friedman
Security Engineer - NG CCSE
[EMAIL PROTECTED]
Advanced Network Solutions
1750 S. Telegraph Rd Suite 100
Bloomfield Hills, MI 48302
(248) 857-5526 x132
www.advnetworks.com
-Original Message-
From: Schade,
since we've upgraded our 4.1 to NG FP3 some users report that
mails that come from mailing-lists are destroyed.
I think that have something to do with the mail-header size.
How can solve this problem ?
Did you install HF1 also in combination with FP3 ?
Have some vaque memory of
Only problem I could see with this is thatall
your policies will actually be saved in a single file rulebases.fws. As you
install the policy there may come a time when this file becomes large enough for
the GUI client to time-out while the management server is compiling and
installing. The
Chris,
I think the command should read : fw tab -t host_table -x
Met vriendelijke groeten - Bien à vous - Kind regards
Guy ROELANDTS
EMEA GS Internet Expertise Centre - CCSE-NG
Hewlett-Packard Belgium B.V.B.A./S.P.R.L.
E-mail : [EMAIL PROTECTED]
Tel: +32(02)729.77.44 (options 3 - 3 - 1)
Fax:
Hello,
Thursday, February 13, 2003, 4:47:16 PM, Andreas wrote:
SA Hello,
SA which version (and servicepack) of Checkpoint FW is running, when the
SA Buildnumber 41490 (-fw ver)is. Or where can i read this ?
http://www.deathstar.ch/security/fw1/Licensing/FAQ0206.htm
Build 41490 - FW1 4.1 SP1.
Hi.. Dear group members, Can anyone tell me what is the best book to
prepare for the CCSA NG
Thank you very much
_
The new MSN 8: advanced junk mail protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
wop! HFA-303 where's it? I don't see it in software download page of
CP
I see till FP3 HF1
Regards...
Peter Matej wrote:
since we've upgraded our 4.1 to NG FP3 some users report that
mails that come from mailing-lists are destroyed.
I think that have something to do with the
Question 1
In SmartStatus, we see the current firewall connection details. These
include CPU usage, memory usage, total number of accepted packets, etc...Is
there a way to log this information for analysis? If not, how would we log
this type of information - Performance Monitor?
Question 2
When
We were doing this about 10 months ago (4.1 management
station managing 4.0 fw module). Are you sure that
the license can manage other fw modules?
Yim
--- Javier San Martin
[EMAIL PROTECTED] wrote:
Hi. I have a customer with 4.1 SP5 Management
console installed as
distributed architecture and
Hi all,
We are running 4.1SP3 and using Securemote for access from home. I have heard that
there was a Linux build of Securemote for NG now, but have not tried it as I assumed
it would not interface with 4.1. Met someone today that swears that it will... anyone
have this experience?
Thanks,
It seems that the 3Com card is the only one that is not working. This issue
is known to Checkpoint.
Working cards
- wifi Linksys version 3.0 works
- Compaq WL110PCCARD
- SMC 2632W w/128-bit WEP works fine with SR-4199
- Netgear 16 bit PCMCIA Model MA401
- Lucent Orinoco Gold 802.11b
- Lucent
HFA-303 is available to CSP's only, at present. Contact your supplier to get
that hotfix.
-Original Message-
From: Alberto [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 11:02 AM
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] smtp security server problems with FP3
wop!
it wanted to know as I to obtain documents of the CD Of CHECKPOINT FIREWALL FP3 Busca Yahoo!
O serviço de busca mais completo da Internet. O que você pensar o Yahoo! encontra.
Well, I don´t know exactly, but I think this license is for distributed
systems and unlimited for 4.1 version, but I don´t know if I need another
license for 4.0 backward compatibility.
At your management console, did you have a license for 4.0 and a newer one
for 4.1 firewalls?... or just one
Digging deeperto my testdocumkents, I found out that the always
mentioned Netgear MA401 PCMCIA-Card works also with 3Com 3CRWE51196
using Securemote 4.1 and NG FP2
SAM
-Original Message-
From: Christian ALT [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 5:42 PM
To: [EMAIL
Hi, all!
Does anybody know of a feature within FW-1 FP3 that can time out or disable a rule set
up on a temporary basis (i.e. ~ demo of an app with a web interface on port , or
inter-network communications for a group of consultants)? If no such feature exists
is there a forum to propose
You can specify an exact date and length of time with a time object then
insert that object into the rules time field.
Russ Aspinwall, A+, Network+, I-Net+, CIW Associate
Network Administrator
Kalamazoo College
-Original Message-
From: Mailing list for discussion of Firewall-1
Title: Ip forwarding using the secureclient.
Hi,
Can I use the secureclient on a computer sharing the internet connection?
I need to estabilish a VPN between the server 1 and the firewall, and then to access the internal network thru the server 1.
Server 2 - server1 --vpn using
With the requirements that you have listed below, you should probably
consider the VPN Dynamics V-6. It will run the Check Point small office
software (as opposed to the sofaware software on the IP30) and can fully
integrate with existing NG installations. In order to manage the IP30
from an
If I were going to try to pick a card, I would definitely go with the
Cisco card. It is one of the only PCMCIA based cards that has a 100
milliwatt transmit signal. So the Cisco card is unique, and works with
Securemote/Securclient just fine.
Frank
===
Frank
Agreed. But if you want to stay with a Nokia platform, the IP120 is an
excellent product.
-Original Message-
From: Frank Darden [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 3:28 PM
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] Nokia IP30
With the requirements that you have
How does everyone manage a second cold standby
firewall? One that you would want to keep on
your internal network for remote access. With the
licenses now being tied to the internal IP, you
get conflicts if you try to put it on the same net.
Thanks,
Hal
Hal Dorsman
Network Administrator
Rocky
Title: Message
All,
Please excuse the
potentially newbie nature of this question. I have 15 WatchGuard SOHO
IPSEC routers in the field configured with VPN tunnels back to my firewall
(4.1SP5a running on IPSO). I used to be able to ping the inside interfaces
(172.16.x.x) of these SOHOs and get
I think a -t modifier is missing before the table name.
Mauricio F. Muñoz Quevedo
==
|-+--
| | Chris Beauchamp|
|
Hi everyone,
In Smartdashboard, for rule editing, there is a column for time, and in
there you should be able configure the times when the rule will be
active. Now I have wanted to configure it so that the rule is running
from 5:30pm to 12:30am. They have 3 rows to enter times. I tried to
enter
Title: Message
hi,
put
icmp in the encryption rule.
Regards
-Ursprüngliche Nachricht-Von: Joshua Pickering
[mailto:[EMAIL PROTECTED]]Gesendet: Donnerstag, 13. Februar 2003
22:29An:
[EMAIL PROTECTED]Betreff: [FW-1] Ping
through IPSEC VPN Tunnels?
All,
Please
From the different mails I saw and document reading my understanding goes
like
- basic installation is easy, this is what we saw in our tests
- vpn installation might be tricky
Some questions I have concerning integration with a central management and
VPNs
- Will I prepare on the management
You picked my favorite. It is one card that is also supported under Linux,
but this does not have to do anything with SecuRemote.
Christian ALT
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED]]On Behalf Of Frank
Darden
Sent: jeudi, 13. février
What is VPN Dynamics V-6?
I will have a closer at this to understand what you mean.
Thanks for the indication
Christian ALT
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED]]On Behalf Of Frank
Darden
Sent: jeudi, 13. février 2003 21:28
To:
56 matches
Mail list logo