CiscoR1 ----CiscoPix----CiscoR2 R1 is doing eBGP with R2 with MD5 authentication. Customer is migrating from Cisco Pix to Checkpoint NGx R61 with HFA_01. In Cisco Pix, I have this: static (inside,outside) 192.168.1.1 192.168.1.1 netmask 255.255.255.255 norandomseq where 192.168.1.1 is the IP address of R1. because the way ebgp authentication works, the tcp sequence randomizer must be turned of on the Pix. If the customer is moving to a checkpoint firewall, I think it will break eBGP. Can someone show me how to disable tcp sequence randomization in checkpoint. I know most firewall vendors implement tcp sequence randomization but I don't know how to disable it in Checkpoint. Thanks. cisco4ng
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
