Hi,
Maybe you simply forgot to push your policy.. The default one is any
any drop silently...
--- "Murphy, Paul" <[EMAIL PROTECTED]> a �crit�: >
>
> Hmmm... I understood him to mean that his routing was such that NAT
> was
> unnecessary, but when the fw daemon was kicked off, the firewall no
> longer
> routed the packets even though the policy should allow them.
>
> So here we are all guessing. bshipman, can you give us more info and
> some
> idea of what is going on in the logs?
>
> Cheers,
>
> Paul.
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: 11 October 2000 13:41
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
> [EMAIL PROTECTED]
> Subject: RE: [FW1] SMTP,POP3 problems
>
>
> I'm somewhat lost. You say you can make a connection via pop3 or
> smtp. How?
> Even though routing is working, there should be no NAT in place for
> internal
> machines to allow this (you said the service was stopped),
> UNLESS you are speaking about doing this DIRECTLY from the firewall.
> If this
> is the case, and you have an ANY ANY ACCEPT rule, then you probably
> have
> under policy editor/policy properties/accept outgoing packets from
> gateway
> unchecked, and the packets are being dropped at rule 0.
>
>
> Thomas Poole
>
> -----Original Message-----
> From: Murphy, Paul [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, October 11, 2000 5:23 AM
> To: '[EMAIL PROTECTED]';
> [EMAIL PROTECTED]
> Subject: RE: [FW1] SMTP,POP3 problems
>
>
>
> What happens in the logs?
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: 11 October 2000 00:53
> To: [EMAIL PROTECTED]
> Subject: [FW1] SMTP,POP3 problems
>
>
>
> I have an NT server (hardened) running FW1 4.1 SP2, freshly
> installed.
> Three interfaces, no translation (yet). One rule:
> any-any-any-accept-long.
> one object: the firewall itself.
>
> Without FW1 running, I can make an SMTP or POP3 connection through
> without
> any trouble, but as soon as I start FW1, I can get no connection
> through.
>
> Am I blind, or am I missing something fundamental?
>
>
>
>
----------------------------------------------------------------------------
> -------------------------------------------
> This e-mail is intended only for the above addressee. It may contain
> privileged information. If you are not the addressee you must not
> copy,
> distribute, disclose or use any of the information in it. If you
> have
> received it in error please delete it and immediately notify the
> sender.
>
> evolvebank.com is a division of Lloyds TSB Bank plc.
> Lloyds TSB Bank plc, 71 Lombard Street, London EC3P 3BS. Registered
> in
> England, number 2065. Telephone No: 020 7626 1500
> Lloyds TSB Scotland plc, Henry Duncan House, 120 George Street,
> Edinburgh EH2 4LH. Registered in Scotland, number 95237. Telephone
> No: 0131 225 4555
>
> Lloyds TSB Bank plc and Lloyds TSB Scotland plc are regulated by the
> Personal Investment Authority and represent only the Scottish Widows
> and Lloyds TSB Marketing Group for life assurance, pensions and
> investment business.
>
> Members of the UK Banking Ombudsman Scheme and signatories to the UK
> Banking Code.
>
----------------------------------------------------------------------------
> -------------------------------------------
>
>
>
============================================================================
> ====
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
>
============================================================================
> ====
>
>
>
================================================================================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
>
================================================================================
___________________________________________________________
Do You Yahoo!? -- Pour dialoguer en direct avec vos amis,
Yahoo! Messenger : http://fr.messenger.yahoo.com
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
