I was trying to consolidate my rulebase this weekend and found that what I
thought should work didn't. I'm probably missing something really simple
here, but I can't find it. I pored through the manuals and couldn't find
any help (surprise, surprise), nor could I find anything on phoneboy. Any
help would be greatly appreciated!

Here are the objects I have defined (fake IPs, of course):

Type            Name          Data
----            ----          ----
workstation     ns1           192.168.10.1/24
workstation     ns2           192.168.10.2/24
service group   DNS           dns-udp, dns-tcp
host group      ns_servers    ns1, ns2
network         outside       0.0.0.0/0

Originally I had the following 2 rules defined to let dns traffic to
specific hosts:

Source        Dest          Service   Action
------        ----          -------   ------
ns_servers    outside       DNS       Allow
------------------------------------------------
outside       ns_servers    DNS       Allow

I tried to merge this into one rule as:

Source        Dest          Service   Action
------        ----          -------   ------
ns_nservers   ns_servers    DNS       Allow
outside       outside

This caused all dns traffic to be dropped (per the last rule).
Derek J. Lambert, MCSE, A+
Network Administrator
Columbia ParCar Corp.