Satish,
Just so happens I came across the following re FW-1 whilst trying to
find some info on some other stuff. Hope it answers your q.
"Any" allows any "simple" TCP, UDP, ICMP, or arbitrary IP datagram
through the firewall. Anything requiring specific INSPECT code to function
correctly will not work with service "Any." This includes, but is not
limited
to, the following list of services (as of 4.0SP4):
FTP, RPC, sunRSH, REXEC, VDOLive, Real Audio, RTSP, SQL*Net2,
FreeTel, CoolTalk, H.323, NetShow, Winframe, Backweb, IIOP, CVP,
Best Regards,
Julian Tomlinson
Technical Infrastructure Group
Drake Insurance plc (In provisional liquidation)
Tel: 01273 86(3335)
Fax: 01273 506058
Mob: 0467 887527
Email: [EMAIL PROTECTED]
Date: Mon, 10 Jul 2000 09:40:10 +0530
From: [EMAIL PROTECTED]
Subject: [FW1] Queer problem with Firewall-1 4.0
Hi all,
I am facing a queer problem with my Firewall-1 4.0 / Windows NT 4.0 setup.
I have a DMZ style network with the following interfaces:
- - an external interface, directly connected to the router.
- - an internal interface, connected to my internal LAN.
- - the DMZ.
All my machines with valid Internet IP addresses are located on the DMZ.
Recently, I installed a machine running Microsoft ILS server on the DMZ,
idea
being that people from Internet as well as my internal network can logon to
the
ILS and then do NetMeeting.
The queer part is that if I define a rule-pair: any -> ILS, any, permit and
ILS->any, any, permit, the setup does not work. However, if I define: any ->
ILS, NetMeeting, permit and ILS->any, NetMeeting, permit, ILS works fine and
people can do NetMeeting.
I must say that I am baffled by the behaviour. Any help would be highly
appreciated.
Regards,
Satish S. Joshi
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
