[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Anti-spoofing, loading rules and license problem
Hi I had a similar problem with PDS 2100 using Check point small office. Anti spoofing setting has a bug. Naresh [email protected] wrote: > Had a strange situation yesterday on a FW-1 4.0 on HP-UX 10.20 running both > FW-1 managment module and FW-1 gateway module. > > The firewall have one connection to the internet, one to our internal > network and three DMZ zones. > > For each DMZ interface, I changed the property settings: > > Old setting: Valid addresses: Any + Spoof Tracking: None > New setting: Valid addresses: This net + Spoof tracking: Log > > Then I reinstalled and lost connection. I ran the GUI from the internal > network. > > At the HP consol I took a "fwstop" and then a "fwstart". It failed to load > the ruleset. I then took a "shutdown -r now". When FW-1 was starting, it > complained that there was too many internal hosts - only 25 was allowed, and > it came with a dump of IP-addresses. And it could not load the ruleset. > > We have a unlimited license on this machine. > > After reboot, I manually edited objects.C and reset the interface properties > for the three DMZ interfaces to "Valid addresses: Any" and then compiled and > loaded the ruleset without any problems. I also rebooted the machine and it > did not longer complain about too many internal hosts. > > This sounds like a bug in the software? Comments? > > --- > Jørn Yngve Dahl-Stamnes > EDB Teamco, Trondheim > [email protected] ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|