Re: [FW1] Checkpoint 2000 on NT

Tue, 20 Jun 2000 09:34:40 -0700 


In addition, what kind of logfiles are you seeing on the remote machine?...if you
can fwstop it, I assume you can look at the logfiles too...

Chris

Earl Robinson wrote:

> Jim Shaw wrote:
> >
> > I have built a couple of Checkpoiunt 2000 firewalls on NT 4.0/SP6a for
> > a  customer. One is to operate at a remote site. There is a private
> > network to the site that will go away once things are working smoothly.
> >
> > I had everything working sweetly in a test lab with a simulated internet
> > connection between the boxes (Linux box running as router, dns, smtp,
> > www servers etc.)
> >
> > The remote fw was shipped and now I can't talk to it over the private
> > network. If I (or my colleague 600km away) run fwstop I can ping it and
> > it can ping the rest of the network. fwstart and it might as well be in
> > Siberia. The only change I made between when I tested and when I shipped
> > was to the external IP address as I had been given the wrong one.
> > Changed it in all relevant (NT and FW1) places I could think of.
>
> did you change the ip address spoofing config? (interface security tab)
>
> I forget that sometimes. The external interface will usually have
> "other" as the allowed networks. You need to re-get the interface info,
> and then re-configure the "other" for allowed networks.
>
> --
> Earl Robinson
> Network Security Analyst
> SeNet International Corp
> [EMAIL PROTECTED]
> ===============================================================
> In God we Trust -- all others must submit an X.509 certificate.
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================

--
Chris Trudeau
Partner-Managed Security Services
DigitalMoJo Inc.




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to