All, Since we are able to use the basic mail proxy features of MailSentinnel (without a subscription), I assume all modules that tie into that feature are unaffected as long as either both subscriptions OR neither subscription are selected.
I will also assume GTA has/will test for that scenario. Additionally, I assume GTA will resolve my previously mentioned bug (see below) in that release. GTA need not reply since this is not a request for support... Thanks, Danny -----Original Message----- From: Cox, Danny H. [mailto:[EMAIL PROTECTED] Sent: Friday, December 01, 2006 3:13 PM To: David Raistrick Cc: [email protected] Subject: RE: [gb-users] GTA has released GB-OS 4.0 patch level 3 (ver. 4.0.3) and GB-OS 3.7 patch level 3 (ver. 3.7.3). David, I. 1. You assume I need to create an object called "Protected Networks" - You are wrong. 2. Renaming the default object (done years ago) to "Protected Networks" is not the issue. 3. Portions of 4.0.3 want to use "Protected Network", which DOES NOT exist, and those "portions" cannot be edited to correct the problem - This is the actual issue. Solution: By allowing those portions to be edited, it would help to eliminate the problem. I have seen similar issues in previous releases. II. 1. Your assumption about being unable to rename "Protected Network" is wrong. 2. In older versions you could rename "Protected Network" (and virtually all other objects) without issue. 3. I did exactly that about 3 years ago, and I just now tried in 3.4.0, and it accepted the change, and never complained in the "Verify" section! III. 1. Your argument implies that GTA may have this issue across many releases. 2. Since "Protected Network" is blank when you start with a fresh config, I doubt linking is (or has ever been) an issue - again, especially since it has ALWAYS worked with our configs. 3. If you were correct on this point, then our configs would NEVER have worked, and GB allowing such a change could indicate a flaw exists. 4. I believe allowing such changes was intended by GTA all along. IV. 1. It is not as simple as creating a new object - like you proposed. 2. Since this would create redundancy, it could potentially impact performance, open new unforeseen threats, and make long term management that much more complex. 3. Additionally, I cannot rename it "Protected Network"; because I would have to change every single filter, tunnel, etc, to match that change. This is an unreasonable burden to place on the customer. V. 1. You said "The change was made to prevent these objects from being renamed to keep this from happening." How do you come to that conclusion? In closing, your email would have read much better if you had left out the first (unnecessary) sentence. Danny -----Original Message----- From: David Raistrick [mailto:[EMAIL PROTECTED] Sent: Friday, December 01, 2006 1:29 PM To: Cox, Danny H. Cc: [email protected] Subject: RE: [gb-users] GTA has released GB-OS 4.0 patch level 3 (ver. 4.0.3) and GB-OS 3.7 patch level 3 (ver. 3.7.3). > When importing from a previous configuration, the VPN and possibly > other modules do not function properly if default objects (like > "Protected > Network") were changed (like to "Protected Networks"). I also noticed > the admin cannot manually edit the "hard coded" entries to correct for > the previously renamed objects. Stupid question: Can you just create new objects called "Protected Networks" etc that contains the default object "Protected Network" ? This would let your filters, etc, work without having to redesign how the default objects work or reconfigure all of the filters etc. You'd only have to create 3 or so new objects per firewall. Right? If I had to make a guess, I'd suspect that the old default objects such as "Protected Network" were not designed to have their name changed...changing the name would likely break their "default" nature (ie, adding an alias network to the Protected interface would no longer automaticly populate your "Protected Networks" object. The change was made to prevent these objects from being renamed to keep this from happening. Just a guess. -- David Raistrick http://www.netmeister.org/news/learn2quote.html [EMAIL PROTECTED] http://www.expita.com/nomime.html ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/ ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/
