Bill,
This might seem like a dumb check, but have you allowed telnet access to the
firewall in the ruleset? If you don't have telnet access allowed, then am
implied denial at the end of your ruleset will not allow the service. Talk
about dumb, I did just that when building a firewall, sometimes you just
forget..
Rob
I am experiencing a weird problem and hope someone may have seen this
before.
I have done a clean install of Checkpoint NG on an NT Server
(Management) and a Nokia IP650 (enforcement point). All licensing is OK,
I can download policy, the status manager reports a "connected state",
etc.
My problem is that when telnetting to the Nokia IP650, I get no
activity at the telnet console, BUT
1) the checkpoint logs
indicate an accepted packet 2) a "netstat -an" at the Nokia IP650
indicates an established telnet connection. 3) a "netstat -an" at any
PC I have telnetted from indicates an established telnet
connection. 4) I have tried this with MS command line telnet and
hyperterminal and seen identical issues.
One last thing. When the
firewall software package is turned off (similar to uninstalling), then
telnet.
I have not had a chance to sniff/tcpdump the problem
yet.
Regards Bill
|