1. Logging options is now clear ,but how will be we able to distinguish
the logs of different FW modules.
You will distinguish them by looking at the "Origin" field in your log
viewer. This field will give you the interface of your originating firewall.
2. As per my understanding , a single policy will be pushed by management
console to all FW Modules ?
Depends. you can specify many policies for many FW modules. When you want to
install policy A to FW A, load policy A, install it. The FW mgmt will ask
for FW to install on, and you just chose A. and click OK, the policy will be
pushed only to A, not B and C...
-----Original Message-----
From: Ash's Yahoo [mailto:[EMAIL PROTECTED]]
Sent: 17 February 2000 07:05
To: Robert MacDonald; [EMAIL PROTECTED]
Subject: Re: [FW1] Query-urgent
Hi,
1. Logging options is now clear ,but how will be we able to distinguish
the logs of different FW modules.
2. As per my understanding , a single policy will be pushed by management
console to all FW Modules ?
3. How the licenses will work ? Would I be able to push licenses from
Management Consoles ?
4. IF one remote location has Floodgate and the locationd where Management
Console is there and the other location does not have Floodgate ,Will it
Work ?(Precisely the licenses)
I know I am asking for too much but I am sure for FW Gurus these are just
small queries from a new Friend.
Regds,
Ash
----- Original Message -----
From: Robert MacDonald <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Friday, August 11, 2000 2:08 PM
Subject: Re: [FW1] Query-urgent
Ash,
1. On the fw modules.
2a. It could choke the line, depending on how
much logging is going on.
2b. Yes. You may place as many entries in the
$FWDIR/conf/loggers file, which specify the IP
addresses of each management station to receive
log entries. If this file is empty, then it will default to
system that the modules in running on(itself).
The system will sequentially try each entry until it
connects. If you preceed the entry with a '+', then
it will direct log entries to all of these systems. It
will direct to all '+' systems if it can connect. If
it can't it will try each of the non '+' systems
until it succeeds.
3. Yes, to the best of my knowledge.
hth,
Robert
- -
Robert P. MacDonald, Network Engineer
e-Business Infrastructure
G o r d o n F o o d S e r v i c e
Voice: +1.616.261.7987 email: [EMAIL PROTECTED]
>>> "Ash's Yahoo" <[EMAIL PROTECTED]> 2/11/00 4:50:05 AM >>>
>Hello Gurus,
> We have got 3 offices and are planning to establish a VPN between
them.The 2 locations will have
>FW Module and the headoffice will have FW Module + Management Console.
>Now, the issue
> 1.Where will the logs will be generated ?
> 2. If it is in the HO only where the management Console then it will choke
the HO bandwidth ,Is there is
>any way that the logs of respective FW Modules be placed at their
respective ends only ?
>3. Since HO is the largest network ,we are planning to have Bandwidth
Management (FLOODGATE ) for
>that also there. Is it possible to have Floodgate at HO and not on the
Other 2 locations and manage
>everthing with the Single management console.
>(OfCourse it will do the bandwidth management for HO only).
>
>Hope to get too many solutions and suggestions.
>
>
>Cheers,
>Ash
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
