Thanks, I'll try that, but I thought that only
allowed the _return_ packets in on that interface?
Cheers,
Anders :)
> -----Original Message-----
> From: Jim Sweeting [mailto:[EMAIL PROTECTED]]
> Sent: 21. februar 2001 21:35
> To: 'Reed Mohn, Anders'; '[EMAIL PROTECTED]'
> Subject: RE: [FW1] Rule 0 ... again ...
>
>
> Anders,
>
> I think you need to change the anti-spoofing to include the
> 10.0.0.0 network
> as well for the interface closest to the ISDN router (192.168.2.1)
>
> Jim
>
> ==================================================================
> Jim Sweeting
> Consultant
> Optimation NZ Ltd
> 43 College Hill Road
> PO Box 106104
> Auckland
>
> d. +64 9 307 5566
> p. +64 9 309 7918
> f. +64 9 309 7919
> m. +64 25 582047
> e. [EMAIL PROTECTED]
>
> This e-mail contains proprietary information some or all of
> which may be
> legally privileged. It is for the intended recipient only. If
> you receive
> this email in error, please notify the sender immediately and
> permanently
> delete this email. If you are not the intended recipient you
> must not use,
> disclose, distribute, copy or print this e-mail.
>
> -----Original Message-----
> From: Reed Mohn, Anders
> [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, 22 February 2001 9:11 a.m.
> To: '[EMAIL PROTECTED]'
> Subject: [FW1] Rule 0 ... again ...
>
>
>
> OK, 5th try. This computer seriously needs retirement.
> I'm sick of writing this email now ...
>
> I know this is a reoccurring subject, and I was
> hoping I'd be able to solve it by looking at the archives
> and reading the lst, but no...
>
> So, here goes:
>
> LAN|----|FW|-----|ISDN Router|------|Remote site
>
>
> LAN: 192.168.1.0/24
> ISDN Router: 192.168.2.2
> FW: 192.168.1.1 and ..2.1
> The ISDN router uses DHCP when dialling to remote site.
> Remote server: 10.0.0.1
> Spoofing settings: "This net" for both IFs.
>
> Turning the FW off, everything looks good, so routing seems
> to be OK.
> With the firewall running, it's a different game:
> Traffic to the ISDN-router (192.168.2.2) is let through.
> However, FW-1 blocks all traffic to 10.0.0.1 at Rule 0.
>
> ???
> Any tips as to what I did wrong?
>
> Cheers,
> Anders :)
>
>
> ==============================================================
> ==============
> ====
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==============
> ====
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
