NGX SPLAT is snarky memory hog !
Can anyone explain why it is gradually devours all the memory and then
ups - nothing helps except reboot ?
Before upgrade to NGX, by the way it went smoothly without any errors or
warns, there was NG AI R55 (hfa14) and I never had similar problem with
that
Can SPLAT pro do this like Cisco IOS devices? With Cisco devices, it is
relatively simple.
I can do OSPF/BGP routing via GRE and push everything inside IPSec tunnel. Can
SPLAT
pro do this?
Furthermore, I guess route-based VPNs for Checkpoint NGx is similar to Cisco
Dynamic
Multipoint VPN
On 8/2/05, Aditya Irawan [EMAIL PROTECTED] wrote:
I was planning to implement MEP VPN with RIM.
So would it possible to do it with just NGX and SPLAT, or should I use SPLAT
Pro?
Since in RIM manual I found that RIM need dynamic routing protocol to
propagate the encryption domain of a
On 8/2/05, cisco4ng [EMAIL PROTECTED] wrote:
All,
I have an automate script that backup the configuration of my SPLAT
enforcement module
nightly at 11:30pm. This automate script run upgrade_export and also copy
the
/etc/sysconfig/cpnetstart file into a local directory that I create on
On 8/3/05, Andrey Maluck [EMAIL PROTECTED] wrote:
NGX SPLAT is snarky memory hog !
Can anyone explain why it is gradually devours all the memory and then
ups - nothing helps except reboot ?
Before upgrade to NGX, by the way it went smoothly without any errors or
warns, there was NG AI R55
Greetings everyone.
I have a situation that I never dealt with, and I'm wondering if you
could help me.
My VPN configuration is very simple. You may even envy me :)
I currently have two R55s, with the latest HFAs, in two sides of the
world, and they are VPNing between themselves with traditional
I have just upgraded my management and enforcement modules from
AIR55HF13 to NGX. Everything went smooth except for something I noticed
when I was finished. The enforcement module protecting my management
box and main network is missing options for Administrator and GUI
Clients in the cpconfig
At 18:02 03.08.2005, you wrote:
I have just upgraded my management and enforcement modules from
AIR55HF13 to NGX. Everything went smooth except for something I noticed
when I was finished. The enforcement module protecting my management
box and main network is missing options for Administrator
On Wed, Aug 03, 2005 at 06:05:54AM -0700, cisco4ng said at one point in time:
Can SPLAT pro do this like Cisco IOS devices? With Cisco devices, it is
relatively simple.
I can do OSPF/BGP routing via GRE and push everything inside IPSec tunnel.
Can SPLAT
pro do this?
i think SPLAT Pro
you may need to assign Network A addresses to your securemote clients
or add the range used by clients in the firewallA and B for encryption
domain
On 8/3/05, Ronny Nussbaum [EMAIL PROTECTED] wrote:
Greetings everyone.
I have a situation that I never dealt with, and I'm wondering if you
All,
Deniz gave me the solution. I tested it and it works great. Thanks.
cisco4ng.
P.S. by the way, the shell in root account in SPLAT is already in bash. I
didn't have
to do anything with the /etc/passwd file.
Deniz Cevik [EMAIL PROTECTED] wrote:
in order to use scp in secureplatform,
On 8/3/05, Loge VK [EMAIL PROTECTED] wrote:
you may need to assign Network A addresses to your securemote clients
or add the range used by clients in the firewallA and B for encryption
domain
Thanks.
Is what you're writing something that you tried, or something you suggest?
-RoNNY
We have a similar arrangement with one piece missing from your scenario that
might be different, you don't mention if they have desktops at the office on
Network A.
If they do we accomplish what you want by having our users connect to the
VPN, then they can remote desktop to their XP workstation
Hey everyone,
Ok, a brief history on what's been done so far. We were (are) running
Checkpoint NG FP3 on a Windows 2000 server box. A couple of weeks ago, I
loaded NGX R60 on a new Windows 2003 server box. I used checkpoints
upgrade using exported settings file when installing NGX. Well,
On 8/3/05, cisco4ng [EMAIL PROTECTED] wrote:
Can SPLAT pro do this like Cisco IOS devices? With Cisco devices, it is
relatively simple.
I can do OSPF/BGP routing via GRE and push everything inside IPSec tunnel.
Can SPLAT
pro do this?
You can do OSPF/BGP inside an IPSec VPN tunnel with
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf
Of Martin Hoz
Sent: 03 Agustus 2005 21:34
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: Re: [FW-1] SPLAT vs. SPLAT Pro
RIM is basically injecting a route about the
Thanks Mark,
I'm trying to accomplish something without using remote desktop.
Think about this scenario:
Office user trying to access web server---Firewall A---site to site
VPN---Firewall B---site to site VPN---Firewall C---Web server.
That's what I try to do at the end.
-RoNNY
On 8/3/05,
What do you see from a tcpdump and an fwmonitor?
-GS
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Chad
Ingram
Sent: Wednesday, August 03, 2005 8:25 PM
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: [FW-1] Problems
On 7/27/05, J Jayavenkatesh [EMAIL PROTECTED] wrote:
split tunneling - just to disable internet browsing while connected to
VPN gateway.
And allow internet browsing only after disconnecting from the VPN gateway.
Just to be more secured.
Create a rulebase for your SecureClient users (under
I am familiar with all the items you mentioned. Design is not an issue. I guess
it's just how it's implemented and the ease of use with the software or how
criptic it is along with how usefull the documention really is.
Also, has anyone done a comparison of checkpoint and netfilter they can
20 matches
Mail list logo