Re: [FW-1] FW-1 and Raptor against Legato Networker
Greetings!

Paul Simons wrote:

> I have a problem with Legato Networker. I have a backup machine running to two networks. One network is protected by a FW-1 (4.1) firewall and the other is through a Raptor firewall.
I guess you are using "secure tunnel"s through the Raptor? These are (IIRC - I only worked with Raptor 4.0-6.0) plain static IP filters. Plus tunneling happens before the GSPs get into action.

As for the CheckPoint - they use stateful (dynamic) packet filters with some extensions ("inspection" code). If there was a rule above that did not match but contained a resource (security server), then your connection will be tunneled through this resource even if you did not define it this way. So connections on the same port as defined resources (e.g. SMTP) will fail.

Second is that the Legato might use kinda RPC protocol - one control channel and a number of data channels. If this is the case I guess the control channel only is used at the beginning and at the end of each session. If backup takes longer, then the session might be cut due to exceeding the timeouts set in the FW properties. If this is the case, you should find a number of "unknown established" packets between the Legato server and clients in the FW log. This can be mitigated by increasing the UDP/TCP session timeout.

Please let me know what worked.

Bye

Volker Tanger
IT-Security Consulting
--
discon gmbh
Wrangelstraße 100
D-10997 Berlin
fon +49 30 6104-3307
fax +49 30 6104-3461
[email protected]
http://www.discon.de/
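The timeout behaviour described in the message above, as an added example that is not part of the original post and is not Check Point code: a toy state table with a per-connection idle timer, showing how an idle control channel expires while the data channel stays alive. The connection tuples, the 10-second data interval and the timeout values passed in are constructed assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class StatefulFilter:
    """Toy stateful packet filter with one idle timer per connection."""
    idle_timeout: int                          # seconds, stands in for the session timeout
    table: dict = field(default_factory=dict)  # connection tuple -> time last seen

    def open(self, conn, now):
        """A connection accepted by the rule base gets a state entry."""
        self.table[conn] = now

    def packet(self, conn, now):
        """Verdict for a mid-session packet on `conn` arriving at time `now`."""
        # Drop every entry that has been idle for longer than the timeout.
        self.table = {c: t for c, t in self.table.items()
                      if now - t <= self.idle_timeout}
        if conn not in self.table:
            # No state left: this is what shows up as "unknown established".
            return "drop: unknown established"
        self.table[conn] = now                 # traffic refreshes the idle timer
        return "accept"


def run_backup(idle_timeout, backup_seconds, data_interval=10):
    """Simulate one backup session; return the verdict for the final control packet."""
    fw = StatefulFilter(idle_timeout)
    control = ("backup-server", 40000, "client", 50000)  # constructed tuple
    data = ("backup-server", 40001, "client", 50001)     # constructed tuple
    fw.open(control, 0)   # control channel is used at session start ...
    fw.open(data, 0)
    for t in range(data_interval, backup_seconds, data_interval):
        if fw.packet(data, t) != "accept":     # busy data channel never idles out
            raise RuntimeError("data channel lost state")
    return fw.packet(control, backup_seconds)  # ... and again at session end


if __name__ == "__main__":
    print(run_backup(idle_timeout=3600, backup_seconds=7200))
    print(run_backup(idle_timeout=10800, backup_seconds=7200))
```
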