Greetings,
Has anyone have Install documentation with screen dumps for FW-1?
Cheers
Andy
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
==
Many of you post three or four lines of text, but your message is actually
followed by about 200 lines of HTML and part of a multi-part MIME message.
And it's probably without you even knowing it. I know that many of you use
Outlook or other Microsoft software for posting messages which does not
1. You must use IKE
2. Your client's private ip address must not be in
your encryption domain.
3. This link is helpful.
http://support.checkpoint.com/kb/docs/public/firewall1/5_0/docs/PT1_Hybrid.doc
HTH
Yim
--- Lee Christie <[EMAIL PROTECTED]> wrote:
>
> I am currently having trouble getti
Maybe there are advantages whilst switching over to use M$ DNS as this give 'nice' feature of WINS integration -although maybe 3rd party products like MetaIP can do this also ?
Tim
"Rocky Stefano" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
01/08/01 04:47
To: "Ch
Hi
I want to check who access the GUI and what changes was made (more than one
administrator). Is this possible ? and How ?
Thanks
HS
To unsubscribe from this mailing list, please see the instructions at
Robert,
your problems with attachment stripping can be very very easily
solved
I waited forever in the vein hope that checkpoint would do something
about .exe's and .vbs's etc...but to no avail...anyway our mail server
Gordano's NTMail does attachment stripping, content checking, and virus
che
Andreas,
> Are the messages only information messages ?
Well yes and no, yes because even if you have more then 250 hosts but
have only a license for 250 hosts, the Firewall will still work, but will
be slowed down due to the warning messages you continuously get. I say
also no, because
Hi,
This is the situation:
I have a Floodgate module installed over a FW-1
module. From our enterprise management console (VEE
license) I am able to manage the Firewall module and
push policies but not the floodgate module. When I try
to push a bandwith policy I get a "No license for
Floodgate-
I have had my license set to both the internal and external NICS and in each
case Secure Remote worked. YMMV!
Andy David
J Muller International
-Original Message-
From: Kondisetty, Sudhir [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 31, 2001 4:45 PM
To: '[EMAIL PROTECTED]'
Subje
Greetings!
[EMAIL PROTECTED] schrieb:
> we are running Firewall-1 4.1 SP 1 under Windows NT SP 5 with a localnet and
> DMZ. Everthing works fine.
> There just one thing that I don't understand: After starting the
> Firewall-Service the following error messages occur in the system event
> viewer
Title: Problem with site to site VPN tunnel
I am experiencing a strange problem trying to set up some site-to-site tunnels and I was wondering if you guys could help me out.
I am having a problem where the local firewall is using an interface OTHER than the external address for the source
I have seen this before, but can't remember exactly how to fix it. I seem to
think that it had to do with the date on the firewall being way off and
using a eval license.
Check you date.
reinstall the license.
-Original Message-
From: Christian Betz [mailto:[EMAIL PROTECTED]]
Sent: Tue
At a Checkpoint Event in the Twin Cities last month,
Checkpoint said that there would no Unix GUI at all.
Only Windows for NG.
Ron Atkinson <[EMAIL PROTECTED]> said:
> This is a multi-part message in MIME format.
> - --1118FCD4F37AB6A97783C8F1
> Content-Type: text/plain; charset=us-a
Dear all,
It is regardless which workstation behind Firewall Checkpoint Server, which
Internet browser version I use, through which Proxy Server interface, or
which username I logon as (whether as a domain user or local user), I always
receive a blank page when do SEARCH on this following web si
Hello,
I have a FW1 SP3 currently with an ipso3.3.I don't have the possibility
to see fields " Hybrid mode " to apply the resolution 2725.
Someone has you him one ideas
-
Polomack Cedric
Well there is a easy solution for this:
1. Setup a new URI definition (mailserver-uri).
GENERAL/
*Connection type: Transparent
*URI Match specification type: WildCard
*Exeption track: log (recommended :-)
MATCH/
*Schemes: http , others: *
*
Hi...
Recently i do a scan on my web server from external with a firewall in
between.The scanning result shows that traceroute is permitted thru the
firewall.I was very puzzled as i'm very sure i did not permit traceroute
thru my firewall.The report further clarify that Unix version of Int
Hi,
Alternatively put a mail proxy server in to the DMZ, keeping your
internal server on the private network and then content check all Email
traffic between your private network and DMZ. Make sure your mail proxy
is configured not to relay SPAM.
By using a Mail Proxy Server, it does not have
Hello,
Is there anyone knows that how to change the "Diffie-Hellman Group" in VPN-1
ver.4.1 SP4?
or
Can anyone tell me that what "DH Group" is being used in the VPN-1 ver.4.1
SP4? Thanks.
Regards,
Mark
ECOMPmerce.com
===
Hello,
Is there anyone knows that how to change the "Diffie-Hellman Group" in VPN-1
ver.4.1 SP4?
or
Can anyone tell me that what "DH Group" is being used in the VPN-1 ver.4.1
SP4? Thanks.
Regards,
Mark
ECOMPmerce.com
=
Tony,
Check the article on PhoneBoy called : Where did my rulebases go ?
It is the FAD 136 at the following URL :
http://www.phoneboy.com/faq/0136.html
Met vriendelijke groeten - Bien à vous - Kind regards
Guy ROELANDTS
EMEA GS Internet Expertise Centre
Compaq Software Engineer
Hi Mike,
I'm happy that it solved the issue! The first time I ran into that I could
not believe that the duplicate objects had something to do with that, but as
soon I got it working I figured out that it was the case...
Best regards and good luck,
Aylton
- Original Message -
From: "Mi
hi !!!
we are running Firewall-1 4.1 SP 1 under Windows NT SP 5 with a localnet and
DMZ. Everthing works fine.
There just one thing that I don't understand: After starting the
Firewall-Service the following error messages occur in the system event
viewer
FW1: FW-1: setting external interface t
Ian,
If you get the message "no license for encryption", I can think of
two possible causes. First you don't have the license, second you are
trying to use an encryption you are not licensed for. Just check again
your license(s) to be sure, do the following commands :
fw ver -k
fw
Title:
Actually you do not need to use M$'s
version of DNS in order for AD to work properly. I have used BIND running a nix
box perfectly. The only extras you get with MS is secure DNS exchanges etc etc
but it works fine with BIND.
Rocky StefanoEchelon Systems Inc.[EMAIL PROTECTED]www.echelon
Title: Secure SMTP Server
Hi!
When
the 'Get' utility is used on Workstation properties of any object to retrieve
the Interface information for that object
what
the Firewall-1 use to retrieve the interface information ? Is it the firewall
control connection or SNMP ?
If it
is SNMP what con
Frank,
> Web servers should only respond to incoming web requests.
> Web servers do not need to
> establish connections to the Internet. So if a web server is behind a
> stateful firewall, and the firewall rules allow incoming web request
> to the web server, but denies outgoing connections fro
Dear all
I have problem in making the arp proxy to work on Windows 2000 server SP2.
The local.arp file is created in c:\winsrv\FW1\4.1\state
(FW installation directory is c:\winsrv\FW1\4.1)
Syntax should be correct and the server has been restarted a few times.
However, the arp proxy doesn't
Greetings,
I'm sure you have heard and read plenty of warnings about the Code Red worm,
which is supposed to awake again. The Code Red worm 'infects' Microsoft
Internet Information Servers by exploiting a vulnerability (or bug) that
Microsoft had issued a patch for middle of June this year. Onc
Hi people,
Below is a long saga with multiple quotes and all sorts of things. I
know this is a volunteer help forum and not everyone has the time to peruse
a book, so I wanted to make a brief summary of my point up front, and then,
if anyone's still interested and has time, I'll leave all the
Hi folks,
It's my understanding that the "external" NIC on the firewall is the only
one that responds to SecuRemote clients. Is this truly the case? My client
has two Internet connections: One is for standard communication by users
in-house. They would like to dedicate the second connection p
This is just a wild guess, but are you running on Nokia IPSO with Flows
enabled? If so, perhaps your problem could be related to this one:
http://www.securityportal.com/list-archive/fw1/2001/Jun/0391.html
-m
- Original Message -
From: Ray Lodato
I ran into exactly the same situation
Title: solaris 8 kernel message in /var/adm/messages
I am running NG on a sun netra t1 ac200. I keep on getting these messages repeated over and over in the /var/adm/messages file:
>Jul 31 17:30:31 mdsxcfw01 fw: [ID 467953 kern.notice] FW-1: fwkbuf_free(hashlong.c 641): kbuf id is not found
Hi,
Does anyone know if there is a way to indicate when packets are being lost
for impossibility to process the total traffic on the firewall?
Thanks,
Oswaldo
To unsubscribe from this mailing list, please s
Frank,
Win2k domain members expect to see special information in their DNS servers
(automatically populated into win2k AD based DNS installations). This
information is used to identify Active Directory resources. I would
recommend you check that the remote users are utilizing an internal Activ
Has anyone using Samba to share out Unix folders to Windows based clients
run into the problem of accessing folders/subdirectories that are more than
3 layers deep? Remote users with W98/WME running SecuRemote (SP2) are the
only ones affected. NT and W2K users operate ok.
What do I need to do
Hi there,
while installing the security policy tghere is a warning that looks like
this:
Warning: Can't find ::CK- in cp.macro
Can anybody help??
Regards,
Christian Betz
System Engineer
eSecurity Solutions
Prodacta Systemhaus GmbH
Pforzheimer Str. 160Fon: +49 (0) 7243 382 308
D-76275 E
Hello,
I'd like to survey CPU utilization on my FW1.
I read on http://www.somix.com/software/mrtg/# that Checkpoint handle
oid=1.3.6.1.4.1.94.1.21.1.6.1.0
for CPU utilization.
I do not get any response from FW1 using this oid,
neither using
1.3.6.1.4.1.2620.1.1=iso.org.dod.internet.private.
38 matches
Mail list logo
