Re: [FW-1] CP UTM-1 R70.5 policy question

Tue, 29 Jan 2013 06:24:20 -0800 

Indirectly, you can accomplish this. Create a group with the relevant
wireless nets, then define a single rule as follows:

Source: {wireless nets}
Destination: NOT {Internal nets}
Service: HTTP, HTTPS
Action: Allow


Bear in mind that you're talking about fundamental differences in
architecture between Juniper (and Cisco, for that matter) and Check Point.
Juniper and Cisco use interface-centric ACLs, whereas Check Point is an
object-oriented firewall.



On Tue, Jan 29, 2013 at 1:09 AM, Clive Luk <cl...@sl.nsw.gov.au> wrote:

> Hi all,
>
> I am just wondering if I can define a policy restricted by zone. As I can
> see on the CP tracker there is inzone, outzone.
>
> I have UTM-1 with multiple interfaces.
>
> 1 x Internet
> 1 x DMZ
> 1 x Staff internal
> 1 x Wireless
> 1 x Public internal
>
> I am wondering if I can have a policy define to allow all wireless to
> access internet and DMZ via http and https but not to other interface.
>
> I have seen a juniper firewall can define policy base on zone.
>
>
> Cheers,
> Clive
>
> Email secured by Check Point
>
> ==============================**===================
> To set vacation, Out-Of-Office, or away messages,
> send an email to 
> lists...@amadeus.us.**checkpoint.com<lists...@amadeus.us.checkpoint.com>
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> ==============================**===================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/**services/mailing.html<http://www.checkpoint.com/services/mailing.html>
> ==============================**===================
> If you have any questions on how to change your
> subscription options, email
> fw-1-ow...@ts.checkpoint.com
> ==============================**===================
>
> Email secured by Check Point
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to lists...@amadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-ow...@ts.checkpoint.com
=================================================

Reply via email to