[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Telnet Access to Nokia IP650 as a Checkpoint NGEnforcement Point
thanks for the suggestions. i ended up deleting checkpoint, reconfiguring the nokia box and the checkpoint software from scratch and everything worked fine. i assume something got hosed somewhere along the way. regards bill ----- Original Message ----- From: "Crist Clark" <[email protected]> To: <[email protected]> Sent: Tuesday, August 20, 2002 2:00 PM Subject: Re: [FW-1] Telnet Access to Nokia IP650 as a Checkpoint NGEnforcement Point > > Bill wrote: > > > > I am experiencing a weird problem and hope someone may have seen this before. > > > > I have done a clean install of Checkpoint NG on an NT Server (Management) and a Nokia IP650 (enforcement point). All licensing is OK, I can download policy, the status manager reports a "connected state", etc. > > > > My problem is that when telnetting to the Nokia IP650, I get no activity at the telnet console, BUT > > > > 1) the checkpoint logs indicate an accepted packet > > 2) a "netstat -an" at the Nokia IP650 indicates an established telnet connection. > > 3) a "netstat -an" at any PC I have telnetted from indicates an established telnet connection. > > 4) I have tried this with MS command line telnet and hyperterminal and seen identical issues. > > > > One last thing. When the firewall software package is turned off (similar to uninstalling), then telnet. > > > > I have not had a chance to sniff/tcpdump the problem yet. > > How long do you wait before decide there is no telnet activity? DNS? > Does DNS work correctly on your firewall when policy is enforced? You > might be waiting for the firewall to do the reverse-lookup on the client. > Let the telnet session sit for at least a full minute or two before > deciding there is no activity. Also, try something like 'netstat -a' > (rather than '-n') on the server and see if that hangs up when you are > doing the attempts. > -- > Crist J. Clark [email protected] > Globalstar Communications> > The information contained in this e-mail message is confidential, > intended only for the use of the individual or entity named above. > If the reader of this e-mail is not the intended recipient, or the > employee or agent responsible to deliver it to the intended recipient, > you are hereby notified that any review, dissemination, distribution or > copying of this communication is strictly prohibited. If you have > received this e-mail in error, please contact [email protected] > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|