Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Internal Hosts Issue

To: "'[email protected]'" <[email protected]>
Subject: RE: [FW1] Internal Hosts Issue
From: Petar Karafezov <[email protected]>
Date: Tue, 2 Jan 2001 12:11:41 -0800
Sender: [email protected]

Hey Rob -

Did you try to run fw printlic and verify FW1 lists external hosts as well
as internal ones? I did have a similar issue and was able to fix it with
stopping the firewall and both deleting $FWDIR/database/fwd.h and
$FWDIR/database/fwd.hosts. When I started again everything was fine. The
presumption here is that your external.if is defined properly.

hope that helps

Regards,
Petar Karafezov

MetaMarkets.com-------------------------------------------
Investing Out Loud at
http://www.metamarkets.com
-------------------------------------------



-----Original Message-----
From: Rob Michayluk [mailto:[email protected]]
Sent: Tuesday, January 02, 2001 11:41 AM
To: '[email protected]'
Subject: [FW1] Internal Hosts Issue



Hello all,

I was wondering if I couldn't borrow the expertise of this group for a
problem I am experiencing.

I have Firewall-1 4.1 SP3 installed on an NT 4.0 SP6a box. Since I installed
SP3, I have been receiving
a notification that I have exceeded my license for internal hosts. When I
check the event viewer logs to
see which IP addresses have been determined as breaking the license, the
miscreant addresses are external to 
my network, but some of them are the valid addresses of hosts that are being
NATed.

I went to Phonboy to see what I should do and while I was running through
the suggestions I noticed that
(after having changed all the rules logging to long) most of the addresses
that I got from Event Viewer do 
not show up in the log viewer, except for those that were the valid
addresses of hosts being NATed. 

I do have a set of proxy servers that are another route into the network, so
that may explain why I am seeing
some of the addresses, but I am still at a loss to explain why Firewall-1 is
counting a host as internal that I do
not see an entry for in a log file.

If you need more information, please let me know and I'll be happy to
provide it. I'm stumped.


Rob Michayluk
Computing Network Services
ACD Systems Ltd.


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Hide NAT not using firewall's IP
Next by Date: [FW1] Someone knows this service?
Previous by thread: [FW1] Internal Hosts Issue
Next by thread: [FW1] Hide NAT not using firewall's IP
Index(es):
- Date
- Thread