[FW1] logging

2000-10-19 Thread Aropalo Tommi
On NT is there built-in feature that you can use to rotate fw-1 logs or does fw1 provide something? Do you have to do it manually? Aropalo Tommi To unsubscribe from this mailing list, please see the instruct

Re: [FW1] FW-1 plus load-balancing

2000-10-19 Thread Thomas Nau
Hmm, 30 rules are a good guess but 20+ are too many. The goal would be in the 2-4 range. I'll have to look in products like SUN's screen which is supposed to support multi-CPU nodes but doesn't offer load balancing between boxes as far as I know. Thomas On Thu, 19 Oct 2000, Cedric Amand wrote:

RE: [FW1] FW-1 plus load-balancing

2000-10-19 Thread Thomas Nau
Will, On Thu, 19 Oct 2000, Will Schwartz wrote: |The CheckPoint Load balancing is handled in software and in some cases you |load an agent on the web servers that you are balancing. There is no need to |setup OSPF or anything silly like that. You basically assign a "virtual" |address for the "gr

[FW1] rule 0 decryption failure: No 'encryption' or 'fwz' license scheme: FWZ --- Securemote

2000-10-19 Thread Etienne
Hi Problem: Our shared FW ( FW1 ver 4.1 sp2 ) . Has a client behind it trying to connect to his office in the states ( also behind a FW1 firewall ). He uses SecureRemote for this connection. but now our FW is dropping his connection with error: 16:18:04 drop USKO_Neozzz.zzz.zzz.zzz>daemon pr

[FW1] BMC Patrol

2000-10-19 Thread Daniel Gerber
Does anyone have any experience with allowing BMC Patrol through Firewall-1 4.0 ? Our Patrol people tell me that they need to run it on TCP, as UDP isn't working for them or something. However, they say (and the documentation agrees) that with TCP you can't tie down the port. Apparently it use

Re: [FW1] Snort as IDS on Firewall

2000-10-19 Thread Lance Spitzner
On Wed, 18 Oct 2000, dsullinger wrote: > Is anyone using Snort as a intrusion detection system > with Firewall-1 on Solaris? Works like a champ for me on Solaris 2.7 / Ultra 5 system. However, may performance become an issue. Also, you always add risk running a new service on your firewall. I

[FW1] No License for Encryption

2000-10-19 Thread test
I've found a warning message in NT event viewer that "FW-1 no license for encryption" even though the feature of VPN on FW-1 has never been enabled, and the FW-1 V4.1 unlimited license has no VPN feature. I've tested this license by installing a new firewall machine on NT, SP 5 without to

RE: [FW1] SR / Win2k Beta

2000-10-19 Thread Jim Shaw
SR build 4166 for Win2k only was released today. from checkpoint: > VPN-1 SecuRemote/SecureClient 4.1 SP2 for Windows 2000 (build 4166) is > now available. Please read the Release Notes which detail feature > enhancements as well as bug fixes and known limitations. > > Free Download Binaries an

[FW1] Re: Blocking downloading

2000-10-19 Thread Gabriel
Listers, Is there anyway we can set up a policy such that my users cannot use the AudioGalaxy Satellite to download their MP3 files? Rdgs GABRIEL ~ Have A Better Day Tomorrow ~

RE: [FW1] SecuRemote Hybrid

2000-10-19 Thread Paul Carmichael
Erin, I use hybrid mode because it allows me to manage secuRemote users on my radius server. As for NATing private IP addresses, I feel that your number Firewall is not configured quite right because I do not NAT any addresses and I can access the entire LAN. thanks -Original Message---

[FW1] SecuRemote + Radius + challenge response

2000-10-19 Thread Paul Carmichael
Hi all, I am trying to pass all SecuRemote user authentication off to a radius server. I have successfully got single password authentication working. If the user is defined on the radius server to use challenge response authentication after you input the username secuRemote returns asking for a

RE: [FW1] NT Service packs

2000-10-19 Thread Dean Cunningham
a) Have a look at http://www.phoneboy.com/fw1/ you should be at fw1 4.0 sp7 b) http://www.phoneboy.com/fw1/faq/0359.html cheers -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, 20 October 2000 5:41 AM To: [EMAIL PROTECTED] Subject: [FW1] NT Service pac

[FW1] Firewall1 4.1 SP2 License Removed

2000-10-19 Thread Syed, Junaid
listers, when i apply sp2 over fw1 ver 4.1 its removing the license, any idea why is it ? Thanks in advance. Rgds Junaid

[FW1] NT Service pack part 2

2000-10-19 Thread rphelan
We just upgraded to service pack 6a from sp3 and the internet seems to be slow. Would backing this out and going to sp5 have any affect? thanks regis

[FW1] NT Service packs

2000-10-19 Thread rphelan
I have just upgraded to FW 4.0 SP6. Which NT service pack is recommended for this? THanks

[FW1] SecuRemote issues

2000-10-19 Thread Edward Kuhner
Hello All, I am having a strange problem with SecuRemote. I have the following rule setup: 1 - UserGroup@Any - 10.5.6.x network - Any - ClientEncrypt I have a single user setup in this usergroup. The user can authenticate and successfully access resources in the 10.5.6.x network. Here are t

[FW1] SecuRemote Issues

2000-10-19 Thread Edward Kuhner
Hello All,   I am having a strange problem with SecuRemote.   I have the following rule setup:   1 - UserGroup@Any - 10.5.6.x network - Any - ClientEncrypt   I have a single user setup in this usergroup.   The user can authenticate and successfully access resources in the 10.5.6.x network.  

[FW1] SecuRemote Issues

2000-10-19 Thread Edward Kuhner
Hello All, I am having a strange problem with SecuRemote. I have the following rule setup: 1 - UserGroup@Any - 10.5.6.x network - Any - ClientEncrypt I have a single user setup in this usergroup. The user can authenticate and successfully access resources in the 10.5.6.x network. Here are t

RE: [FW1] LAN to LAN VPN with same IP scheme

2000-10-19 Thread Frank Knobbe
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > -Original Message- > From: Leggett, Jeff [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, October 18, 2000 12:33 PM > > Well, this won't work for the simple reason you can't route > RFC addresses > (10.x.x.x. and others) via the internet. S

RE: [FW1] FW: cisco 2500 to checkpoint fw 4.1 vpn

2000-10-19 Thread Will Schwartz
http://kubarb.phsx.ukans.edu/~tbird/vpn.html has a few resources showing how to do this exact setup. Hope it's helpful. Will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Barringer Nick Sent: Thursday, October 19, 2000 7:33 AM To: '[EMAIL PROTECTED]'

RE: [FW1] Snort as IDS on Firewall

2000-10-19 Thread Frank Knobbe
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Whoops... got distracted. I forgot to mention in my previous email that snort and FW-1 are running on NT. Frank > -Original Message- > From: dsullinger [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, October 18, 2000 11:37 AM > > Is anyone

RE: [FW1] LAN to LAN VPN with same IP scheme

2000-10-19 Thread Leggett, Jeff
Well, this won't work for the simple reason you can't route RFC addresses (10.x.x.x. and others) via the internet. Somewhere you will have to NAT these to real routable addresses and you can VPN THOSE addresses. Look at setting up a gateway to gateway VPN solution for this. We do it and it wor

RE: [FW1] stopping AOL instant messenger

2000-10-19 Thread Leggett, Jeff
Honestly, I don't believe you can. IM will search for different ports if the main one it uses (5190) is blocked. I have seen it use SMTP, as well as others if you block its primary port. Admittedly, blocking the primary port will make the user go in and have to make it search, so if they don

RE: [FW1] Snort as IDS on Firewall

2000-10-19 Thread Frank Knobbe
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm running snort on a couple boxes, including the firewall. I created a few batch files that will capture alerts from the alert.ids file, transmit them encrypted (using cryptcat) to the management station, and there automatically block the offending

RE: [FW1] Securemote behind a NAT device

2000-10-19 Thread Joe Delsol
There is one thing missing, that would make a difference, from your description. Are you using a cluster or just one module? You will be happiest if your answer is single gateway. If you are using a cluster, what are you using it with? eg Nokia,

Re: [FW1] Securemote behind a NAT device

2000-10-19 Thread Roger Bengtsson
This works fine for us. We have fw-1 4.1 SP2 on Solaris 2.6 and SecureRemote clients behind a Pix doing NAT. 4.1 SP2 has a new feature, it encapsulates IPSec in UDP. Set it up like this: http://support.checkpoint.com/kb/docs/public/securemote/4_1/pdf/hybrid-2-10.pdf Regards Roger Bengtsson -

RE: [FW1] Securemote behind a NAT device

2000-10-19 Thread Joe Delsol
On the Management station, look for two lines that are similar to FWZ_NAT = false IKE_NAT = false change the false to true, reinstall your policy and see if that does it.. Supposedly 4.1 SP2 comes with these set to true, but mine were not. I t

RE: [FW1] Where to place a VPN gateway

2000-10-19 Thread Glover, Duke
Title: [FW1+vpn] VPN with pix and firewall 1 You should attach the VPN box outside of the FW or on another FW interface.  At least that way you could control what type of traffic, and what destination, the VPN box allowed into your network.  If you attach the VPN box directly to your interna

RE: [FW1] LAN to LAN VPN with same IP scheme

2000-10-19 Thread Steven Schuster
Rodney, This would depend on how you have the LANs segmented. If you have a 10.x.x.x/8 on either side, then the VPN will not work. The client will assume that the host is on its local segment. If, however, you are segmented off to a class B or C, and the LANs are different segments of those n

[FW1] NATing the NetBIOS header

2000-10-19 Thread Hankins, Bill
Sorry about the last post I found out why it is not working...Which brings me to my next question.. How can I NAT the NetBIOS header using Checkpoint 4.1 running on an IP440. Sorry if this is a newbie question, but I am a firewall newbie. Thank you for your help... Bill Hankins Networ

RE: [FW1] NT System Error Logs regarding FireWall feauthd unknown reason

2000-10-19 Thread Jeff Hochberg
I've seen this many times before myself. Just an educated guess, but I think that the fwauthd service is trying to connect to the Policy Server component of FW-1. It's not finding it because the Policy Server is a separate product that you license when you are using SecureClient. -Jeff -O

[FW1] hmm!!! very quiet here today (n/t)

2000-10-19 Thread Stephan Dubeau
** The confidential information contained in this e-mail is intended solely for the natural or legal person to whom it is addressed. Any unauthorized use, copying, disclosure or distribution

[FW1] Management Clients hang up... What's up ???

2000-10-19 Thread LO GUIDICE, Yannick
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, I've got a problem with my management clients (ite : Log Viewer, System Status, Policy editor). I'm running FW1 4.1 SP2 build 41716 on WinNT. I've installed the Management Clients 4.1 SP2 and the Session Agent 4.1 on my WNT 4.0 Workstation S

[FW1] 'fw_xlate_backw_drv' error

2000-10-19 Thread +Checkpoint (grupa dyskusyjna)
>-Original Message- >From: Gregorowicz, Piotr >Sent: 19 października 2000 23:54 >To: 'Chris F'; +Checkpoint (grupa dyskusyjna) >Subject: RE: [FW1] 'fw_xlate_backw_drv' error > > >Yes, Indeed, I'm doing so. Ignoring so far. And nothing wrong happens. >But mentioned before /var/adm/messa

Re: [FW1] FW-1 plus load-balancing

2000-10-19 Thread Cedric Amand
Hello Thomas, TN> 2. which products would you recommend from the performance and TN>scalability point of view? VPN is no real issue so mainly packet TN>filtering in the 400-1000Mbit range must be offered. then, in real life, you're heading at 20+ firewalls in parallel for a medium (30

[FW1] User authorisation & session authorisation

2000-10-19 Thread Ms. Geekgirl
I am in the process of converting from user authorisation to session authorisation. The user auth has been working fine. Then I tried to test session auth in the same rulebase and found that the user auth was still being used since it was before the session auth rule. So I changed the order a

[FW1] Authenticating to an NT domain through Checkpoint 4.1

2000-10-19 Thread Hankins, Bill
Just wondering if anyone has had any success with this ??   Checkpoint Firewall 4.1 is NATing our private ip's to public ip's where our PDC sits.  Server is browseable via NETBIOS, request for authentication reach the PDC\WINS server, but no answer is ever sent.  Thank you for any help in a

RE: [FW1] Securemote behind a NAT device

2000-10-19 Thread Vaughan, Jeff
We can only get it to work if the client running securemote is using a static nat. -Original Message- From: Yim Lee [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 17, 2000 3:20 PM To: [EMAIL PROTECTED] Subject: [FW1] Securemote behind a NAT device Has anyone able to run securemote

Re: [FW1] Securemote behind a NAT device

2000-10-19 Thread Paul . Simons
Trying to do the same thing - so I am also interested to hear the horror stories. The only thing I know for certain is that you have to use IKE - it will not work with FWZ. Paul C. Paul Simons Corporate

[FW1] Securemote behind a NAT device

2000-10-19 Thread Yim Lee
Has anyone able to run securemote behind a NAT device and connect to a device behind a FW gateway doing NAT? My fw gateway is 4.1 SP2. Note: I can run securemote doing FWZ1 (without NAT) and connect to a device behind a FW gateway doing NAT without problem. Have help on this is greatly appric

[FW1] Silent SecuRemote install

2000-10-19 Thread Rodney Lacroix
Thank God this thing is back up. Does anyone know how to do a silent (no user input) installation of SecuRemote?

[FW1] Snort as IDS on Firewall

2000-10-19 Thread dsullinger
Is anyone using Snort as an intrusion detection system with Firewall-1 on Solaris? What is your opinion? = -- Dean Sullinger Arizona Department of Transportation Technical Information Resources Wide Area Network Email : [EMAIL PROTECTED] Internet: http://www.dot.state.az.us/ ___

[FW1] CVP compatible servers...

2000-10-19 Thread agetchel
Hey all, I'm looking for recommendations on good pieces of software to run for CVP servers which will be scanning SMTP e-mail passing through a firewall. Any experiences good or bad? Thanks, Abe Abe L. Getchell - Security Engineer Division of System Support Services Kentucky Department

[FW1] Client authentication

2000-10-19 Thread Roelandts, Guy
Hello all, Wondering what could cause the following problem ? Till two weeks ago we had 3 CP Fw-1 4.1 installed, two at one location and one at a 2d location. The management from the two firewalls at the 1st location were done from behind the one at the 2d location, using private addre

[FW1] VPN between 3.0b and 4.0

2000-10-19 Thread Vega, Omar A.
I have been trying to get VPN to work between a 3.0b and 4.0 box. I basically followed the recommendations in http://support.checkpoint.com/kb/docs/public/firewall1/3_0b/pdf/net_netenc.pdf. I have been UNSUCCESSFUL in using FWZ-1 and/or SKIP encryption, the only other option that 3.0b offers i

[FW1] test

2000-10-19 Thread hajo
test

Re: [[FW1] Restrict Firewall-1 management access to theFirewall]

2000-10-19 Thread David C. Diemer
Not anyone can use the GUI utilities to access the policies, log viewer, or the system status but those listed in $FWDIR/conf/gui-clients. Those, and only those machines, will be allowed access to the management features. In addition, you must also run the FWCONFIG (UNIX, don't know for NT) an

[FW1] gigEthernet for nokia

2000-10-19 Thread Pierce, Ken
Has anyone heard a rough date for the release/support of gig ethernet on the nokia platform? Kenneth Pierce Network Engineer 617-345-6251 Cell 617-216-5942 Page 888-391-2597 [EMAIL PROTECTED] www.belenosinc.com "21st Century Architects" - Belenos designs and builds next generation voice and da

[FW1] test

2000-10-19 Thread Kwast, Jeroen
does the list still live? Jeroen

[FW1] SETTING UP A VPN WITH WINDOWS 2000 article

2000-10-19 Thread Zeltser, Roman
I think many of you will find it interesting. SETTING UP A VPN WITH WINDOWS 2000 Get connected with Jason Hiner's guide to installing a VPN using Windows 2000 as your operating system. http://www.techrepublic.com/article.jhtml?id=r00220001018jim02.htm

[FW1] SecuRemote silent installation

2000-10-19 Thread Rodney Lacroix
Anyone know how to do a silent SecuRemote installation (no prompts)? I want to streamline the installation process (command line switches) for limited user input.

[FW1] FW 4.1, Solaris 2.7, and Gigabit Ethernet Functionality?

2000-10-19 Thread James Zahrndt
I'm trying to get a new firewall 4.1 installation operational, under Solaris 2.7 and using Sun's gigabit ethernet (Version 3.0 driver) hardware. We have a requirement for multiple networks, and only have one SBUS slot available (running on an Ultra-1), so a quad-ethernet is no good. All patches a

RE: [FW1] 'fw_xlate_backw_drv' error

2000-10-19 Thread Chris F
My guess is it has something to do with NAT. Do you have a lot of NATing going on? I think you can safely ignore these messages if all seems well. If I recall correctly, that's what someone told me once. HTH -- Chris --- "+Checkpoint (grupa dyskusyjna)" <[EMAIL PROTECTED]> wrote: > > Error me

AW: [FW1] FW1 and Win2K - Interface problems

2000-10-19 Thread Hans-Gerd . Kuerschner
Hi Steve, a short update: I found something that might help! Look for http://www.phoneboy.com/fw1/0374.html Cheers, Hans-Gerd Hi Steve, sorry to tell You, but I just run into the same problem on an Solaris 2.6 box! Never had this problem on 4.0 before. Our support guy gave me the first adv

[FW1] Automatic log file creation

2000-10-19 Thread Don Guyer
Running CP 2000 (latest version and build) on NT Server 4 and would like to save and create new log files on a scheduled basis for reviewing purposes. Any suggestions would be greatly appreciated. Regards, Don Guyer Network Engineer Citadel Federal Credit

[FW1] Upgrade from 4.0 to 2000?

2000-10-19 Thread Matt
Hi all, I just installed a new instance of CP Firewall 2000 on a new server so that I may upgrade our old one which is currently a CP Firewall 4.0. I copied over all of the 4.0 directories from the old one to the new one. I read in the documentation that when you install 2000 it should ask

[FW1] Upgrade from 4.0 to 2000

2000-10-19 Thread Matt
Hi all, I just installed a new instance of CP Firewall 2000 on a new server so that I may upgrade our old one which is currently a CP Firewall 4.0. I copied over all of the 4.0 directories from the old one to the new one. I read in the documentation that when you install 2000 it should ask

Re: [FW1] stopping AOL instant messenger

2000-10-19 Thread Nick Ozmore
Souhela 8, You need to first do an nslookup for 'login.oscar.aol.com(below).' This hostname is the server that AOL Instant Messenger clients login to. > login.oscar.aol.com Server: UnKnown Address: 172.16.16.254 Non-authoritative answer: Name:login.oscar.aol.com Addresses: 205.188.7.176,

RE: [FW1] Nat Confusion

2000-10-19 Thread Goldoff, Erik
maybe late, sorry, but 1) In NAT tab on workstation object set to static and 208.222.222.2 2) In ARP (presuming NT) %windir%\FW1\4.1\state\local.arp set IP address of public address to MAC of FW public interface 3) Set rule in Policy Editor allowing traffic to/from NATted object 4) Set static r

Re: [[FW1] Restrict Firewall-1 management access to the Firewall]

2000-10-19 Thread Eric Strecker
If I read your question right, the FW administrator must enable remote GUI administration by IP address to specifically prevent logging on from just anywhere... Eric Strecker, CCSA [EMAIL PROTECTED] wrote: > > > Does anybody has implemented a Restrictive (and secure) Policy to control > GUI acce

Re: Antwort: [FW1] Static arp entries for NAT

2000-10-19 Thread Didier Arenzana
Hi, --- [EMAIL PROTECTED] wrote: > > > > Hi Brad, > [...] > I'm no real Solaris guy so on Linux you have to set the "pub" after > the arp > entry, > > pub > > so it will be still in the arp table after a reboot. Nope. pub means it will be published (if there is an ARP for this entry,

[FW1] test

2000-10-19 Thread Steve Conrick

RE: [FW1] 'fw_xlate_backw_drv' error

2000-10-19 Thread +Checkpoint (grupa dyskusyjna)
Error message is generated in /var/adm/messages To be more specific, frequency of messages varies: it's 4-20 message group every minute to a few hours. I see no association between messg. frequency and eg. throughput or interface load. >-Original Message- >From: Guillaume, Reginald [mai

[FW1] DNS problem with Checkpoint VPN

2000-10-19 Thread Dubois, Tim
Here's the situation: I am trying to configure and run a split, encrypted DNS with Checkpoint FW-1/VPN-1 v.4 and SecuRemote as clients. Firewall/VPN management is outsourced, so I don't have access to all info, but apparently, the packets are being decrypted at the firewall when trying to access

RE: [FW1] LAN to LAN VPN with same IP scheme

2000-10-19 Thread Rodney Lacroix
Actually, I was referring to a Gateway to Gateway VPN - but with both encryption domains being the same network numbers (site A has a 10.x.x.x/8 and site B has a 10.x.x.x/8 - where each firewall has its own network as the encryption domain). Unfortunately, what I'm finding out is that you ca

Re: [FW1] NT server or NT workstation as Operating System ?

2000-10-19 Thread Oliver Bogen
there is no need to run the Checkpoint on a NT Server because the Checkpoint won't use any server features except you want to run Software Mirroring for your Harddisk I don't think that there is any performance difference between Workstation and Server because if you install the NT Box a

Re: [FW1] IP address range

2000-10-19 Thread David C. Diemer
The Address Range property is for use with NAT, not regular FW activity. David C. Diemer, CCSA, CNE Enterprise Security Firewall Engineer Georgia Department of Administrative Services (DOAS) [EMAIL PROTECTED] 404.651.9677 >>> "souhela 8" <[EMAIL PROTECTED]> 10/17/00 02:46PM >>> I want to give

[FW1] multiple machines thru one nic

2000-10-19 Thread Pellowski, Tom
Greetings: I have two web servers that occupy two different public addresses but reside on the same MAC interface. I can get to one server just fine but when I try to get to the other the log shows first a accept on the rule and then an immediate reject on rule 0. The FW is 3.0b on a NT machin

Re: [FW1] Recommendations for Mgmt server

2000-10-19 Thread David C. Diemer
The three things that I've seen that make a good management module and master module are Memory - 768 - 1GB RAM NICs - GB, qty 2 (100 full duplex on a switch otherwise) disk space - (depends - use RAID and load it up) What does a management console do? Two things: as a master con

[FW1] www.geek-speak.net

2000-10-19 Thread Daniel Voyer
Anybody know what's up with that url?

[FW1] Restrict Firewall-1 management access to the Firewall

2000-10-19 Thread mbiagini
Does anybody has implemented a Restrictive (and secure) Policy to control GUI access to the Management station (for example if the guy clients could be anywhere in the Company WAN) Thanks Maurizio

RE: [FW1] LAN to LAN VPN with same IP scheme

2000-10-19 Thread Frank Darden
It can't, and it won't. The only way that I have been able to work around this issue is by either hiding the hosts on the remote network, or static natting the target hosts. The person at the other side of the VPN will need to do the same. Neither of these methods is ideal. Frank -Original

[FW1] testing

2000-10-19 Thread Rankovich, Zoran
disregard this email. Thanks

Re: [FW1] TCP Session Timeout

2000-10-19 Thread Lance Spitzner
On Wed, 18 Oct 2000, Gaetan J. BLENET wrote: > First, I describe again your needs to be certain that I had well > understood : > One of your application open a session on firewall when it > establishes its TCP session to another server. Your application > doesn't talk during a time bigger than 360

Re: [FW1] Routing Problem

2000-10-19 Thread Didier Arenzana
Simple trivial netmask problem. Solaris believes that 157.150 networks has a netmask of 255.255.0.0 (class B network) If you want it to be 255.255.255.0, you have two options: * edit the netmasks file and add the following entry in it: 157.150.0.0 255.255.255.0 then reboot the machine * reissue t

RE: [FW1] Mime-Version: 1.0

2000-10-19 Thread Ryan Wilson
Hi Mike, I don't know if this will help... I encountered the same problem when upgrading from 4.0 SP3 to 4.1 SP2. Solution: There shouldn't be any links to recreate simply place the scripts in the appropriate directory: S00fw1bootd in rc2.d and S25fw1boot i

AW: [FW1] FW1 and Win2K - Interface problems

2000-10-19 Thread Hans-Gerd . Kuerschner
Hi Steve, sorry to tell You, but I just run into the same problem on an Solaris 2.6 box! Never had this problem on 4.0 before. Our support guy gave me the first advice to delete the firewall object and recreate it (in the rule base) but I still have the problems. I'm also not able to read the int

[FW1] VPN and NAT Question

2000-10-19 Thread George Olney
> Hi > > I have a problem with setting up a VPN and NAT. > > Have two Firewall-1 VPN's 4.1 SP1, NT Servers. Each residing at separate > offices. We have configured the VPN option on both and have successfully > exchanged Certificates/Keys. > > Firewall A has three network cards in, one attach

[FW1] SecuRemote silent install

2000-10-19 Thread Rodney Lacroix
I've been trying to post this for three days straight, now. Does anyone know of a way to do a silent SecuRemote Client install (using command line switches or setup files?). I found an .ini file for the setup, but it does not have any of the "Install on dial-up adapters only", etc. settings.

RE: [FW1] bloomberg services

2000-10-19 Thread Samuel Baker
Ivan, I have a different range of ports. Could that could be a difference in our products? I have TCP 8194 plus 8195-8294 and UDP 48129-48192 as the ranges for Open Bloomberg. I also have 4 Bloomberg networks defined; only two of them appear to be in use. Sam >>> <[EMAIL PROTECTED]> 10/11/2

Fw: [FW1] NT server or NT workstation as Operating System ?

2000-10-19 Thread Oliver Bogen
there is no need to run the Checkpoint on a NT Server because the Checkpoint won't use any server features except you want to run Software Mirroring for your Harddisk I don't think that there is any performance difference between Workstation and Server because if you install the NT

[FW1] RE:

2000-10-19 Thread Marc Jacquard
It is definitely not a good idea to use the Firewall as an NTP server!!! You should use another machine behind the Firewall and then use it to sync all other machines. If this is a Solaris machine the Firewall is running on you should use the 'rdate' command to sync the Firewall. Best regards,

RE: [FW1] Automatic Static Nat problem

2000-10-19 Thread Tucker, Greg
My thanks to those that responded to me with their suggestions. Unfortunately, none of them solved the problem. The problem was solved, however, by regenerating the keys under the VPN tab of the firewall. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behal

[FW1] NT server or NT workstation as Operating System ?

2000-10-19 Thread Oliver Bogen
there is no need to run the Checkpoint on a NT Server because the Checkpoint won't use any server features except you want to run Software Mirroring for your Harddisk I don't think that there is any performance difference between Workstation and Server because if you install the NT

[FW1] Checkpoint HA module

2000-10-19 Thread Brian Tan Wee Beng
Hi Can anyone pls give me some guide on how to configure the Checkpoint HA module???Thanks. Cheers

[FW1] IP address range

2000-10-19 Thread souhela 8
I want to give certain access to the range of IP addresses. This is what I do: Manage → network objects → new → address range → address range property appears. I give a name to this range. Put first and last IP addresses and change the color. Then click on OK. I see the name and range added to the l

[FW1] SecuRemote Hybrid

2000-10-19 Thread Erin Young
Does anyone have any pros and cons or opinions on using the hybrid implementation for securemote? Also, if I use IKE will I be able to use encapsulation like you can with FWZ. I want to avoid having to NAT for a large amount of private ip addresses.

[FW1] novice question

2000-10-19 Thread Pitawala, Sam
Greetings. I am in the preliminary stages of setting up a VPN/Firewall solution for my company. One basic question: If I decide to use a Checkpoint VPN solution with a 3rd party Firewall product, will I have to request that certain ports we opened up? Or can the VPN appliance just "sit" in front

[FW1] DNS instead of IP

2000-10-19 Thread +Checkpoint (grupa dyskusyjna)
Anybody knows how to create an object based on machine DNS name instead of its IP address? The site I have to reach from inside my intranet changes its IP nearly twice a month, so I have a lot of work correcting object database. Thanks for the answer. Gregor

[FW1] Securemote behind a NAT device

2000-10-19 Thread Yim Lee
Is anyone doing Securemote behind a NAT device to a fw doing hide NAT? If yes, how did you do it? Any help is appreciated. My firewall is 4.1 SP2 on solaris 2.6. Securemote client is 4118. Thanks, Yim Lee

[FW1] SecuRemote silent install

2000-10-19 Thread Rodney Lacroix
Does anyone know if it's possible to do a silent installation of SecuRemote (command line settings, etc?). I have a number of machines I need to rollout, and they are all configured the same (no desktop policy, only dial-up adapter bindings, etc.). It would be great if I could run an install

[FW1] User Authentication on Firewall 4.1

2000-10-19 Thread Ujjwal Mukherjee
Hi! I am trying to set up User authentication on a newly installed Firewall 4.1 on NT system ( VPN+Firewall Gateway module ). When I try to create a user by creating a user template first and trying to double click on that template to launch the User Properties but I have never been able t

[FW1] Recommendations for Mgmt server

2000-10-19 Thread Daniel J. Raymonda
I will be installing multiple Nokia boxes in the near future (IP650's, IP440's and possibly a IP330). I am not familiar with Solaris and wondered if anyone had hardware recommendations for the management station. Money doesn't seem to be an issue (except, of course, when it comes to my salary

RE: [FW1] VPN accelerator card with SUN450 FW-1 4.1

2000-10-19 Thread Wales, Holly
Have you found an answer on this one yet? We returned the cards to Chrysalis and they sent us four more. They said that the boards were defective, but the ones that we got in as replacements are also a little flaky... Holly Wales Lo

Re: [FW1] TCP Session Timeout

2000-10-19 Thread Gaetan J. BLENET
I don't know way to disable this timeout for a particular rule or service. However, you may open a new session when needed. First, I describe again your needs to be certain that I had well understood : One of your application open a session on firewall when it establishes its TCP session to another

[FW1] Routing Problem

2000-10-19 Thread Eduardo F. Trillo
Hi everybody. I am having a routing problem with a Solaris machine ( 2.5.1 ). My solaris box has 3 network interfaces and has the following routing table: Routing Table: Destination Gateway Flags Ref Use Interface - --

RE: [FW1] LAN to LAN VPN with same IP scheme

2000-10-19 Thread Jarmoc, Jeff
That's going to be a problem. You could always renumber one of the networks, or possibly NAT one of them to another, unused network. Either way you need to resolve the conflict, your client will never be able to route duplicates. -Original Message- From: Rodney Lacroix [mailto:[EMAIL P

Re: [FW1] TCP Session Timeout

2000-10-19 Thread Rajeev Kumar
Only solution in my view is to allow non-sync packets. With FW-1 4.1SP2, firewall drops any NON-SYNC packets for connections not present in connection table. For established connections after TCP timeouts (3600 default) client/server send non-sync packets and thus FW drop these packets. But in or

Re: [FW1] CheckPoint 3.0b media

2000-10-19 Thread Rogue Bolo
I have it for all platforms patch levels 3064/3072 and 3078. --- Robert Spadafora <[EMAIL PROTECTED]> wrote: > > Does anyone know where I can get Checkpoint 3.0b > firewall media? > > Thanks > Rob S. > > > > >

[FW1] SecuRemote and SecurID Firewall Version 4

2000-10-19 Thread Martin, Andy
Hiya, I have the following problem. I am trying to authenticate securemote users using FWZ encryption and securID. I have tested the secureID authentication by using client auth and it works fine. When I created a securemote user and attempted to authenticate I received the following error on t
