Hugo van der Kooij a écrit :
On Wed, 14 Mar 2007, pkc_mls wrote:
Create a new user. Change the user to a normal shell like the root
account by editing the /etc/passwd file and setting the UID and GID
too 0 and you should be set.
I managed to use the scp with a normal userid and groupid
Dvv a écrit :
Hi,
Are you connecting to a smartcenter or module ?
Anyway for easy use, just configure the /etc/passwd file by changing the
shell for admin in bash.
so replace
admin:x:0:0::/home/admin:/bin/cpshell
by
Hi all,
Does anyone know a proper command to check the state of a cluster member
in a
cluster that uses a 3rd party OPSEC product ?
the doc clearly states that the cphaprob output is only relevant for nokia.
thanks
Hi all,
I created a backup on ng ai r55, but as the generated file is larger
than 2Gbs, I really have some difficulties to
use the revert command from this.
As the backup contains also the whole cdrom image (shame on me), I tried
to reduce the size.
after having reduced the archive size,
Tauseef Khan a écrit :
I am trying to install hfa 19 on nokia but getting the following error
message. Help would be much appreciated. It worked fine on management
server
depending on the kind of hardware you have, installing an HFA on a
flashbased IP can be hard as there is not enough
Torkel Mathisen a écrit :
Hi,
What I did was on the SmartCenter object, under Logs and Masters Additional Logging
Configuration, check the Accept Syslog messages.
I installed the database, but I have also tried a cprestart of the management.
I also got OSE devices for these routers.
Esteban Serrano a écrit :
Hi everybody.
I'm trying to deploy a DHCP server in a FW-1 module, which is currently
running across a Crossbeam X40 chassis - Red Hat 3.
I've succesfully installed the dhcpd/dhcrelay rpm in the module (versión
3.0.1), although I'm not being able to assign IPs.
Paolo Riviello www.paoloriviello.com a écrit :
Hi all,
does anyone of you ever experienced to change SPLAT (clusterxl) sync
ipaddress, is there any procedure?
I suggest you to use another interface for sync during the modification.
ie :
- change sync interface in topology
- push the policy
[EMAIL PROTECTED] a écrit :
Hello,
Has anyone already installed SPLAT NGX R62 on a HP ML150 server ?
Thanks for your advice.
Hello,
you should first try checkpoint compatibility testing tool available at
this url :
Lyle Dove a écrit :
Hello,
I have a question regarding CP's Sync traffic for ClusterXL. I have setup
my the sync network between the 2 FW's, but I am seeing what appears to be
sync traffic on the Internal networks including the DMZ range along with my
single internal net. Utilizing a packet
Gil Sudai a écrit :
All,
1. The list continue to function.
2. The Miscellaneous forum
(https://forums.checkpoint.com/forums/forum.jspa?forumID=20) will
miror the list so people that would like to enjoy the benefits of a
web forum will see your posts to the list there.
3. If you would like to
Tauseef Khan a écrit :
I realised that as well the latest hfa is HFA08. One more question. In
ha mode do I need to run the script on both gateways or just one.
If run the script is run the hfa installer, you need to run it on both
gateways.
Kind regards
Tauseef Khan
Herold Heiko a écrit :
NGAIR55, smartcenter on windows (HFA19), nokia cluster.
On the management station I changed (dbedit) the
ike_use_largest_possible_subnets to false.
Later (still on the mgm station) cpstop, edit %FWDIR%\lib\user.def (added a
max_subnet_for_range table), cpstart.
Installed
Bill Smith a écrit :
Hi GURU,
Should I install a standard Linux rpm on SPLAT? or even from tar ball?
Any advice?
hi,
it depends on the splat release.
the latest are based on RedHat Enteprise Linux3, so you can install the
packages that comes
from this release, unless there is a conflict
Julio Bretín Díaz a écrit :
Thanks to all of you, but I haven't found how to solve this yet. The problem is
that all VPN connections worked before the Nokia appliance was restarted. Now
all VPN connections have the same error that I described in my last mail. what
can I do or what can I
Clive Luk a écrit :
Dear list,
Dear Clive,
I have one issue with my VPN.
When I am at home connected back to my work via secureRemote. I can access
all resource on 172.16.* (as this is the physical interface on FW). However,
I can't access any other resources which on not on the physical
Hi all,
Is there a way to export a certificate for a user from the command line ?
the goal is to script when the certificate expires the generation of the
new certificate and
send to end user.
has anyone ever worked on such a scenario ?
thanks
No Name Available a écrit :
Reinhard,
Thank you for your reply.
but you can also install any free rip-deamon but then you
loose the splat-support and run your fw1 as on rhel.
What do you mean by lose the splat-support?
Losing Checkpoint tech support on our SPLAT issues?
Or the
Mikael Trosell a écrit :
Hi.
The opensource alternative zebra is already included in SPLAT.
See under /etc/zebra and the startup file /etc/rc3.d/S14zebra
checkpoint didn't reinvent the wheel, so the dynamic routing is based on
zebra.
I use it myself for OSPF routing and it works fine.
Ray a écrit :
Are these SecurRemote/SecureClient users? If so, the firewall can be
set to automatically renew the certificates as they get close to
expiration. I've got mine set to 90 days before and it works well.
I do not know the answer to your specific question, sorry.
thanks for the
Corrado Motta a écrit :
Hi gurus,
we'd like to replace the old HW with a new One.
My think was:
a) I install a Secondary SCS on a temp-new HW (trial Period License)
b) Configure it on My primary
c) I sync the rules Policy / internal_CA / VPN / ...
d) I made the secondary Active. and delete the
Corrado Motta a écrit :
hi,
with this scenario you'll lose your logs because the logs are not
synchronized.
it's definitely recommended to :
- backup your primary smartcenter
- run an upgrade_export from the primary.
- shutdown/disconnect the primary
- install the new hardware with the
Corrado Motta a écrit :
First of all: TNX
Migration completed: the new SCS is managing the CP-Module.
A 'must' was the SIC reset
Last detail :
The new SCS did not receive the Logs coming from the module.
RUN tcpdump -n host on the Module and I saw paket sent to the old SCS-IP
Because of
Corrado Motta a écrit :
On 4/18/07, pkc_mls [EMAIL PROTECTED] wrote:
This is what I did.
I'm receiving the LOG coming from the remote Edge ( because the NAT IP
isn't changed) But I'm unable to receive the log of my central Gateway
A not so good solution could be to insert a nat rule
Tauseef Khan a écrit :
Hi all
Could anyone guide me on how to setup the environment variable in IPSO
eg $hostname. Also How can change the shell from C to bourne . I cannot
use backspace on my keyboard when on ipso shell and every time I need to
put command stty erase backspace. If someone
Hugo van der Kooij a écrit :
On Wed, 25 Apr 2007, Tauseef Khan wrote:
Could anyone guide me on how to setup the environment variable in IPSO
eg $hostname. Also How can change the shell from C to bourne . I cannot
use backspace on my keyboard when on ipso shell and every time I need to
put
Hi all,
I'd like to get the latest checkpoint release for IPSO, but I can't find
it on checkpoint's website.
has anyone already downloaded the NGX r65 wrapper for ipso ?
the releases notes for NGX R65 indicates that this release is only
supported on ngx 4.1 and 4.2.
thanks
Giacomo Fazio a écrit :
It is a perl scripthow can i use under Secure Platform?
you can install a perl rpm on your secureplatform.
depending on the ng/ngx release, you have to take the correct rpm.
depending also on what this script requires, you'll also need to get
some modules.
Thanks
John Lindblom a écrit :
I'm putting together a Site-to-Site VPN between a NGX R65 gateway and an
Edge device. Everything is working good but I'm unable to join
workstations to a Active Directory domain through the VPN, it fails with an
RPC error on the workstation and the logs show blocked
Desaulniers Marc a écrit :
Hi, I try to reproduce our production environment on VirtualPC to
simulate an upgrade from R55 to R65. I installed R55 and I tried to
restore a backup done on a production server but I have this message :
The following information will be restored:
[1] system
Giacomo Fazio a écrit :
Is it possible to upgrade from NG R55 to NGX 65
sure.
you should try first on a vmware if you're not sure.
you can also try on another physical box from an upgrade_export if needed.
you simply need a proper support contract to generate the ngx licences.
Giacomo
Hi all,
is there any compatibility matrix somewhere regarding the compatibility
between secureclient and firewall1/ vpn1 version ?
the next question could be : if I upgrade my gateway from ng to ngx, do
I also need to upgrade my secureclient ?
thanks
Tauseef Khan a écrit :
Hi all
How can I check whether a vpn accelerator module is installed and
enabled in nokia ip platform
those informations can be found in the cpinfo.
just check the commands that are used :
cpstat -f accelerator vpn
fwaccel
Kind regards
Tauseef
Good morning,
I tried to upgrade a utm box from r62 to r65, but it looks like the
upgrade fails, because
the box stays in R62.
According to the logs, the update ran fine, but it's like after the
first reboot the box automatically
reboot and starts r62.
has anyone already upgraded a utm1
Verweyen, Dirk a écrit :
Hello,
has anyone a HowTo for Connecting with the Windows
built-in VPN-Client to a Checkpoint VPN-Gateway?
Hi,
this part is described in the checkpoint vpn doc.
for ngx r62, check CheckPoint_R62_VPN_Guide.pdf page 374.
Greetings, Dirk
Ray a écrit :
Does anyone know of a North American vendor who might have a 256 MB
stick or two of memory for an IP530? I need to make one last another
year and it needs at least another 256 MB.
Or if this thing will take non-Nokia memory?
hello,
open your ip530, have a look at the memory
pkc_mls a écrit :
Ray a écrit :
Does anyone know of a North American vendor who might have a 256 MB
stick or two of memory for an IP530? I need to make one last another
year and it needs at least another 256 MB.
Or if this thing will take non-Nokia memory?
hello,
open your ip530, have
Fabio Maria Teti a écrit :
Hi all,
It is possible to plug 512 MB RAM bank in the IP 530 Main Board?
have a look at the chipset used on this mainboard, and you should get
more than half of the response.
if I remember well this is an intel 440 BX.
according to some forums threads, the 512
Bhavin Gandhi a écrit :
Hello,
We recently set up a standalone Firewall (Alteon) running R55 at a remote location. The FW is managed from a Smartcenter server placed in our Mgmt zone which is in our Central office. There are multiple firewalls between them.
In the same subnet (Mgmt zone) we
Bhavin Gandhi a écrit :
Though we have defined the 'logs and masters' - 'log servers' on the module
object, shall check the masters file to reconfirm.
sure,
check also with a tcpdump on the fw1_log port from the gateway to see if
the logs are correctly sent to both destinations.
Peter Addy a écrit :
Hi
I have a quick question which i hope someone can answer.
I have created a vpn from a NGX R62 gateway with the cluster ip of 194.x.x.x
There is a also a 10.x.x.x address which the vpn uses for the internal vip.
Traffic leaves the firewall on the 194.x
cisco4ng a écrit :
CPU is about 94% idle and I am still seeing the fw.log in the nokia going up at
the
rate of 1MB every 1 minute. This is very strange.
eComerce-1-P[admin]# vmstat 10 10
procs memory pagedisks faults cpu
r b w avm fre
cisco4ng a écrit :
Yes, I can push policy to both Nokia cluster members.
Yes, if I increase the nokia priority on the other one from 95 to 105 and make it active node,
I do not see this problem.
I would have to do a fwm logexport on both the CMA and the nokia itself to compare the
Tauseef Khan a écrit :
Thanks for the reply guys, really appreciate that. Another question is
do I need to get new licenses for module and management server or can I
use the existing license for module and get a new one for management
server.
the best is to use centralized licences bound
Alvaro Gastambide a écrit :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi, i have a Nokia IP350 (256 Ram) with R55.
I want to know if i can install IPSO 4.1 and NGX R62... Thanks
you should check the releases notes for 4.1 and ngx R62.
this should be ok according to release notes.
Kim Longenbaugh a écrit :
Hi,
I have a SecurePlatform NGX (R62) Build 031 firewall.
I am trying to config a tagged VLAN on one of the interfaces.
If I use the command vconfig add eth6 199 it creates the vlan id for
that interface.
On my switch, I place the port with the firewall interface,
Bernd Nachtigall a écrit :
Hello,
as i ask i few days before: Is there a way to connect to a Checkpoint-1
VPN -Server with a Linux Client?
All infos i found say that there was a very old unsupported version for a
Redhat 7.? Distribution.
I can believe that Checkpoint ignores the fact that
Christian ALT a écrit :
Thanks for your prompt reply.
So if I understand right when the management station certificate is expired
a fwm sic_reset is enough?
that's true.
it will regenerate the certificate for the smartcenter.
you also have to repush sic certificates to the gateways.
Sergio Alvarez a écrit :
Hello,
I have customer that currently has a couple of Nokias working with IPSO
Clustering and off course Check Point (NGX R60 HFA04).
Early this week he wanted to enable RIP on those Nokia so they would
talk
with some peripheral routers, but when trying to enable the
good morning,
when you wish to rename the smartcenter object in smartdashboard, you
get the following warning :
Before renaming, please close SmartDashboard, open SmartUpdate and
detach the license.
and detaching the license will block the access to the smartdashboard.
does it mean you need
of.
Regards
On 8/8/07, pkc_mls [EMAIL PROTECTED] wrote:
good morning,
when you wish to rename the smartcenter object in smartdashboard, you
get the following warning :
Before renaming, please close SmartDashboard, open SmartUpdate and
detach the license.
and detaching the license will block
Jeremy Lieb a écrit :
Sorry to bud in but does the same apply to changing the IP address on a
Smartcenter or can that be more easily done?
you simply need to generate a new licence, and that can be done on the
usercenter with a valid subscription.
there is less dependancies as the CA
Jeremy Lieb a écrit :
Thanks. So I assume I then have to attach this new license to the Smartcenter?
Also, is there anything else to be done for our 25 or so gateways as well or
can their licenses remain the same. We do use central licensing.
generate new licence
change smartcenter ip
from the beginning importing the export on the
new machine whilke having the same hostname. If that is a problem, then look
in the SecureKnowledge for procedures to reset the ICA (it is also referred
to as SIC reset).
On 8/8/07, pkc_mls [EMAIL PROTECTED] wrote:
here are some more details :
I
Sergio Alvarez a écrit :
Well, with a corrupted certificate authority not only VPN stuff fails, SIC
fails as well because it works with cetificates generated by that CA.
To be honest I have no idea how you managed to avoid SIC issues, the CA gets
initialized with the hostname of the machine,
cisco4ng a écrit :
I am wondering if someone can shed some lights on this.
Let say you have SMartCenter (SMC) called SMC_X (SPLAT)
and that this SMC_X manages about 10 pairs of Nokia
firewalls and 10 pairs of SPLAT enforcement modules.
Everything is working fine. So far so good.
There are
John Lindblom a écrit :
We currently are note using iNotes web mail, we are in the planning stages
regarding the implementation. I know a lot of companies are allowing
direct access in to their mail server but I'm just not completely
comfortable with that, we may end up doing it that way but we
Gil Hananya a écrit :
Hi,
How can I temporarily disable VPN site to site?
do you have implied rules or dedicated rules for this ?
if you have implied rules, it can be tough.
with dedicated rules, you simply need to disable the rules that allows IKE
between your vpn gateways.
I have
cisco4ng a écrit :
I am very well aware of Provider-1 because I use it everyday.
I am also very aware of the html ruleset export via checkpoint
web visualization tool as well but it is not dynamic.
However, even with provider-1, to accomplish what I described
earlier, I would need 20 CMAs to
Jeff Nagel a écrit :
We would like to create a wireless guest vlan with only internet access.
Our vendor suggested creating a DMZ on our R60 NGX firewall. They also
suggested having the firewall do dhcp. Could I just relay to our
internal dhcp server? We currently only have two interfaces and
john maverick a écrit :
Thanks ...i had spotted this sh earlier BUT mine IP560 does not have any
process in the script that i can fingerprint thru ps -auxw at the time of
activity(which is one requirement and still is one)
and the other one backup succesful..well an earlier post thru
Luca Rossi a écrit :
Hi all,
I need to do a vpn between ngx r60 and cisco pix. Any
documento o link?
I tried to do a vpn but the smart view tracker give me
this error
By
Thanks
you can find some guidance on cisco site, and also at the url below :
No Name Available a écrit :
Hi all
I cannot resolve dns names through a vpn tunnel. I can ping dns server
from client. I have ticked option accept domain name over udp before
last
And accept domain name over tcp before last as well.
There is nothing in the excluded service in vpn
No Name Available a écrit :
That's right lhrmg01p is the name i am trying to resolve. Reverse lookup is
not working either. No drops in tracker and going to the server.
if there is no drop this sounds like a dns issue, not a firewall issue.
Kind regards
Gil Hananya a écrit :
Hi,
I'm trying to install splat on new Dell PowerEdge 1950 with PERC 5 raid
controller, but can't get it install.
I think I need driver for the PERC.
Please advise/help
hello,
if the server is on the HCL from checkpoint website, they should
indicate which
Jeremy Lieb a écrit :
Good afternoon. I'm trying to come up with some compelling reasons to
switch from pure Enterprise Linux for our firewalls and Smart Center to
SPLAT. I've been playing around with SPLAT for months and much prefer it
to the standard RHEL Checkpoint installation but I'm
Hugo van der Kooij a écrit :
On Thu, 6 Sep 2007, pkc_mls wrote:
there are pros and cons regarding using or not using splat.
the cons are IMHO :
- drivers
- you cannot install some specific stuffs
I would considere this a pro and not a con. Installing extra things on
firewalls is decremental
hello,
I'd like to setup a site to site vpn with another box.
I set up the community, the other box as interoperable device, the vpn
domains, preshared key.
but I cannot see any IKE packet out from my firewall.
the fw ctl zdebug drop shows the following :
fw_log_drop: Packet proto=17
pkc_mls a écrit :
hello,
I had a better look at the rule indicated below, and this was the point.
Is there a way not to use the implied rules for the VPN ?
(I tried, but the rule #24 was part of the try ...).
thanks
I'd like to setup a site to site vpn with another box.
I set up
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
hello,
the smartdashboard on windows cannot connect to the smartcenter due to
certificate errors.
so I'd like to run a sic_reset, but the command still complains about
certificates I have to manually
Edouard Zorrilla a écrit :
Hello There,
Anyone knows the safest way to upgrade R55 to NGX ?. If so I would be glad you
can share the procedure with me, unicast if there a paper there.
hello,
every ngx version has an upgrade guide.
they are available at checkpoint support site.
look at
Sebastian Arriada a écrit :
Did u allow the windows ip on the smart center right (cpconfig) ?
nice try, but this is not the issue.
I'll try the cpca_client revoke_cert.
=
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL
Edouard Zorrilla a écrit :
I understan that the upgrade licence command: license_upgrade should
be done at the SmartCenter, so I got a couple of questions:
1.- Should I perform this command after the upgrade to NGX or before ?
2.- Do the Management Server need a conection to the Internet to
Edouard Zorrilla a écrit :
I am planning to upgrade the smartcenter Sir. I have been reading the
pdf upgrade_guide and It says that I need to use a command
license_upgrade, I understand that the easy way is to have a internet
connection to the smartcenter to perform the upgrade of license
Edouard Zorrilla a écrit :
Hello,
What I have is a clusterXL, so what is the safes method to upgrade the
modules:
1.- Using SmartUpdate,
2.- Using local upgrade,
1st : smartcenter via local upgrade.
2nd : follow the procedure in the upgrade guide NGX for the cluster.
I definitely prefer
Markus Schmidt a écrit :
Hi,
I've installed the R61 HFA_02 on my Smart Center and on the standby
Cluster node.
However, I'm not able to connect anymore to that Clusternode via ssh
from my SmartCenter. The Policy allows that connection, and I can see it
as allowed in the SmartTracker, also.
In
Markus Schmidt a écrit :
Hi
there is no incomming ssh connection, as long as I leave the polic
installed. If I disable the policy, everything runs fine.
even if there is no connection, you should see at least a syn request,
unless someone else
on the LAN has the same MAC address.
But the
Mark Southgate a écrit :
Having upgraded to R61 from R55 on an IP330, I am applying HFA02. For space
reasons I needed to remove R55 and have inadvertently removed the R55 Backwards
Compatibility Package. I am now unable to install the HFA as the compatibility
package is required. I cannot
Azim Suleman a écrit :
Looking for doc on how to add a new vlan ( logical interface ) on Check Point
VPN-1(TM) FireWall-1(R) NG with Application Intelligence (R55) HFA_03 for
IPSO 3.8, Hotfix 388 - Build 003.
the vlan interfaces needs to be declared first via voyager for IPSO,
then in
Chris van der Merwe a écrit :
Hi Guys,
I have a simple question. We have a ClusterXL - Load Sharing Add-on for VPN-1
cluster up to 500 users. We also have 2 licenses for the gateways: 1 x High
Availability VPN-1 Gateway and 1 x VPN-1 Express Gateway .
Why when I create the cluster in the
Peter Addy a écrit :
Hi All
please help urgently, does anyone know how to retreive the expert mode passord or reset this on a Secreplatofrm box, the box does not have a cdrom drive and therefore cannot use the cd provided, and was wondering is there any orher way at all???
plug the
E. M. Recio a écrit :
Is there a way I can monitor the CPU load on a Nokia IP560, v4.1? I
wrote a small shell script to monitor the CPU idle time and send out an
email if idle drops too low. However, it seems like in Nokia Voyager if
I schedule a wildcard job, it won't accept asterisks for the
Paolo www.paoloriviello.com a écrit :
HI ALL,
how can I know if FW-1 is running on nokia ipso in fast or slow path mode ?
To temporarily disable it, one can issue the command:
ipsofwd slowpath
This also clears the flows tables. To re-enable it, use the command:
ipsofwd flowpath
To make this
Paolo www.paoloriviello.com a écrit :
many thanks...
now i have disabled the secureXL engine and the traffic is going good (bidirectional NAT).
Anyway i knew that secureXL is enable on IPSO only when flowpath is disabled ...IS it right?
on my ipso i had both enabled secureXL and
#
Bill Smith a écrit :
Guys,
I have a nokia box running IPSO 4.1, NGX R61
When running fw monitor command, below is what I get.
Anyone has any idea what it is? or what is wrong.
The FW is running as normal.
UNKNOWN:I[174]: 192.168.1.1- 192.168.5.22(TCP) len=174 id=46504
TCP: 1043 - 139
No Name Available a écrit :
Hi all
When I push the policy I see a very high utilisation on gateways around
95 %. It calms down after 3 -4 minutes but in this time the gateway
drops some site to site vpn tunnels. Is there any way to assign low cpu
queues to Policy installation on ip platforms.
No Name Available a écrit :
Thanks Sin,
What would be the effect of turning smart defence and webintelligence
services on services on on the gateways in terms of proc and mem
utilisation.
that will activate the http proxy on the firewall (to examine the
traffic deeper than a
standard tcp/ip
cisco4ng a écrit :
Scenario: A pair of AI R55 with HFA_20 running on SPLAT Active/Active.
Managment is a CMA inside P-1 R55 with HFA_20 running on Solaris 9.
On each SPLAT there are 4 interfaces but I only use 3 interfaces,
External, Internal and Sync interface. There is an unused
interface
Chris van der Merwe a écrit :
Hi Guys,
I had a working version of VPN-1 r65 on a RedHat 3 box. I installed
SecurePlatform on this box and now I can no longer ping my default router (or
even any other machine on the same subnet). If I check ifconfig, I see that
there are TX packets, but no RX
Chris van der Merwe a écrit :
Hi!
Ok, I unloaded the default policy, but it did not help my connectivity issues.
I also checked the logs with fw log - but there is nothing in the log about
dropping ping traffic or refusing SIC from the management server.
Hi,
do you have any traffic on
Hi all,
Is there a way to export a log via smartview tracker with all the
selected fields/columns ?
I know this can be done from the command-line, but I'd like to know if
smartview tracker could also do the same ?
thanks
=
To set vacation,
Torkel Mathisen a écrit :
Hi,
I would like to get a mail alert each time the state on ClusterXL changes from
standby to active or to down or any other way.
for this you have the failover tracking option in the clusterxl settings
of your gateway.
set it to mailalert and set also the mail
Hi all,
could anyone confirm that even if you create some rules on the
smartdashboard and you push them to a vpn1 edge device,
the rules are not applied to the box and you cannot see them in the
policy section of the vpn1 edge GUI ?
if it's not the case, is there any configuration somewhere
Hugo van der Kooij a écrit :
You will NOT see these in your web interface.
Hugo
thanks for the answer.
is there a way to see the updates on the box (CLI or other way) ?
=
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL
Rafaël Olivier a écrit :
Hello All,
Hi,
We setup a Site2Site VPN with a customer.
This VPN Tunnel is correctly working.
The customer is asking us to access a webserver which is hosted on the remote VPN gateway, on port 443. (so remote VPN Gateway is managing the Site2Site VPN and the
Rafaël Olivier a écrit :
Hi,
Thanks for your answers !
The connection to webserver is supposed to go directly on the Internet, not
through the VPN Tunnel.
So, VPN errors should not occur.
But the webserver and remote gateway (for Site2Site VPN) are the same machine
(same IP). That may
Sergio Alvarez a écrit :
Hello,
We have a situation where a customer has multiple site-to-site VPNs from
remote offices to their main Cluster (main offices), but they have very
particular kinds of traffic flowing through those VPNs and they have had to
uncheck a lot of SmartDefense protections
Bill Smith a écrit :
Guys,
Does anyone know how to copy file to SPLAT?
Tried ssh and got connection refused.
Same as winscp
you can run an ftp client from the splat in expert mode.
Plz advice,
Thx,
PB
=
To set vacation, Out-Of-Office,
John Harris a écrit :
Hello,
I am looking for a basic FW-1 troubleshooting guide. What I need is a
5-10 page guide that will tell someone the steps to debug a FW-1
problem.
Something like, run traceroute, go to the GUI, check log, etc.
Anyone know of such a document? Can you email it to me,
Hi all,
I found in cpug.org messages about VoIP fixes for NGX R60 HFA02.
does anyone know if the fix are also available for other hfas for R60 ?
thanks.
Scanned by Check Point Total Security
=
To set vacation, Out-Of-Office, or away messages,
101 - 200 of 438 matches
Mail list logo