2. Is dns accessed at all, when fwd is running, to determine an object's ip
address or does it just use the ip address that is defined for the object?
I am not completely sure on this issue, but I would assume that once the
firewall has the IP address for a object defined it wouldn't need to query
DNS.
When setting up the object it might, if you click the get IP address box.
Seems like you are a little unfamiliar with the concepts of Firewall-1
I would recommend the following sites for more information:
___________________________________________________________________
thanks, but this is a question my reseller also couldn't answer. why would
a machine not be able to ping another, depending on if it was managing
itself. bob has 2 interfaces, 10.1.1.1 and 10.2.1.1:
this is a snoop from the machine bob (10.1.1.1) to
10.1.1.2, while a ping from bob to the .2 machine is going on and it is
managing itself:
bob.ford.com -> 10.1.1.2 ICMP Echo request
10.1.1.2 -> (broadcast) ARP C Who is 10.2.1.1, bob.ford.com ?
10.1.1.2 -> (broadcast) ARP C Who is 10.2.1.1, bob.ford.com ?
bob.ford.com -> 10.1.1.2 ICMP Echo request
10.1.1.2 -> (broadcast) ARP C Who is 10.2.1.1, bob.ford.com ?
this is the same snoop/ping with a different management server:
bob# /usr/sbin/snoop 10.1.1.2
Using device /dev/hme (promiscuous mode)
bob -> 10.1.1.2 ICMP Echo request
10.1.1.2 -> bob ICMP Echo reply
so all I could figure was that dns was getting in the way. Any other ideas?
thanks
becki kain
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
