Hello,
I have 2 SunScreen HA clusters. On one of the clusters, whenever I
make changes with 'ssadm edit' and do a verify I receive the
following message:
Error: HA not enabled but HA Interface(s) defined.
When I run 'ssadm ha status' it produces:
HA configuration is enabled
I have just discovered the pathping command in Windows 2000. Looks
interesting. But it wont work through our Raptor firewall. I believe it
is due to the fact that the Raptor cause a hick-up in the normal
traceroute scenario (dummy addresses used):
C:\tracert somewhere
Tracing to somewhere
Ragu,
In addition to the other suggestions you've received, you may also want to
look at using the authentication proxy feature on your router (provided it
is cisco). It can help limit the access infected workstations would have
and requires user authentication before allowing access through
Well before we get too deep into this, my question
would be do you have you own connection to the
internet, or is your internet connection through the
parent company?
--- ragu nandan [EMAIL PROTECTED] wrote:
Hi
We have a WAN with no Firewall between our
company
and our parent compnay. What
Hi All experts,
I wanna know the mechanism by which firewall
differentiate multiple clients under same IP. Let
consider the scenario where multiple PCs are connected
to the net via the same firewall. All PCs use the same
IP proxy to access the internet.
Let's say a few users are voice
Ram,
There are four distinguishing characteristics for each connection using TCP. There is a source IP address, a destination IP address, a source port, and a destination port. So for example with the following telnet connections from the same client to the same server the unique characteristic
The differentiating factor is source port.
A socket is made of four parts
Source IP, Source Port, Destination IP, Destination port
so this combination needs to be unique, rather than any particular part.
This socket is a feature of UDP and TCP so they can be handled this way.
This also shows the
Granted, on the firewall log, you can see different source ports coming from the same IP addresses. Hopefully, your proxy does have a detailed enough log that can tell you which original IP/source port got forwarded (I guess I can not use the word TRANSLATED) by the proxy.
The question is, do you
Has any one replaced a software proxy server like Wingate Pro
(www.wingate.com) with a firewall unit like the SonicWALL XPRS2 or a Cisco
PIX ($$$)? I need to step up to something more secure. I'm using about
150 private IP address internally but most have 0 Net access (ban list via sw)
Do
IMHO, replace it with OpenBSD (search for Openbsd bridge) or FreeBSD gateway/firewall
or even Linux gateway/firewall.
look it at http://www.daemonnews.org, http://groups.google.com
Has any one replaced a software proxy server like Wingate Pro
saudações,
irado furioso com tudo
linux
Hi there, why not use OpenBSD?, it's a secure good option...
regards
Has any one replaced a software proxy server like Wingate Pro
(www.wingate.com) with a firewall unit like the SonicWALL XPRS2 or a Cisco
PIX ($$$)? I need to step up to something more secure. I'm using about
150
Hi All,
I am looking for a Firewall performance testing tool either free of low
cost. I would appreciate very much if anyone has any information
including where and how I can get it.
I read about Workload but I was unable to locate it.
Thanks,
Mikael
Yes - took WinGate out of all offices including mine and replaced with
WinGate. The ban list was about the only thing I lost - gained so much more.
You can use something like surfguard (I think that's the name) to restrict
access to sites. Is there something particular you're looking for?
Steve
Sorry - replaced with Netscreens.
Steve Clark
Clark Systems Support, LLC
AVIEN Charter Member
Who's watching your network?
www.clarksupport.com
301-610-9584 voice
240-465-0323 Efax
-Original Message-
From: Clark, Steve [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October
Hi Jeffery,
Thanks for your reply. But what happens in case of UDP
where packets are not connection oriented. Here you
mean to say that proxy has to open different data
sending port for each client. Since listening port
will be shared for all clients, packets are
distinguished by their source
15 matches
Mail list logo