[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] RE: [fw1-wizards] bloomberg services
Hi, The first thing is to assume that you spoke to the right Bloomberg tech support person and actually have the right information !! It took me a couple of days to get the correct information - be careful since there are two network ranges, one for the direct router-to-your-network config and one for the Internet based service. In summary, the following info was the latest I managed to extract from them The network ranges for router-to-your-network are 199.105.176.0 255.255.248.0 199.105.184.0 255.255.254.0 205.183.246.0 255.255.255.0 208.134.161.0 255.255.255.0 (Current) The network ranges for Internet access are 206.156.53.0 255.255.255.0 205.216.112.0 255.255.255.0 Port ranges are TCP 48129-48192 UDP 8194-8294 The config that works for me is :- 1. Define all Bloomberg network ranges NET_BLOOM1, NET_BLOOM2, from correct table above 2. Add all network ranges to a group GRP_BLOOMBERG 3. Create a service BLOOM_TCP 8194-8294 4. Create a service BLOOM_UDP port range 48129-48192 5. Add BLOOM_TCP and BLOOM_UDP "Bloomberg" service group. 6. Create rule on firewall as follows From To Service Action Internal_LAN GRP_Bloomberg Bloomberg Accept This was the smallest hole I could create to allow access without opening up a hole big enough to drive a tank through Hope this helps Cheers Tim -----Original Message----- From: Ivan Fox [mailto:[email protected]] Sent: 07 October 2000 02:14 To: Fw1-Wizards (E-mail); fw-1-mailinglist (e-mail) Subject: [fw1-wizards] bloomberg services We are trying to setup a couple users to use bloomberg finanical news. The dedicated software requires a series of 100 udp ports and 50 tcp ports open. For instance, the udp ports are 48100 to 48200 and tcp ports are 4920 to 4970. Talked to Check Point (gold) technical support. Two "specialists" offered two different answers. One said that we should use the source port range in the workstation object. The other said we need to use port range instead of workstation object. Confused and the solution is not working. Any suggestions are appreciated. >From the firewall log, we could see the firewall has accepted the packets, but no response from bloomberg servers. However, when we telnet using a defined port, e.g., 4921. The bloomberg servers responsed! There is only one rule saying "any" "bloomberg servers" "tcp-port range and udp-port range" "accept". Your comments/suggestions are badly needed. Regards, Ivan --------------------------------------------------------------------- This email came from the FireWall-1 Wizards Mailing List To unsubscribe, e-mail: [email protected] For more information, email: [email protected] ************************************************************************ The information in this email is confidential and is intended solely for the addressee(s). Access to this email by anyone else is unauthorised. If you are not an intended recipient, you must not read, use or disseminate the information contained in the email. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of The Capital Markets Company. http://www.capco.com *********************************************************************** ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|