Hi all,
We plan to change the hostname of three IP650 node, one is the
Smart center , the other are Firewall modual installed. Does anyone
could give us an instruction and what we should pay attention ?
Thanks in advance!
Br
Kevin
=
To s
Hi ,
I want to keep some dedicate connection always open in FW's connection
table, what I think is
I could modify the tcp_virtual_seesion_time&udp_virtual_seesion_time
from 40s to a biger value(3600s).
How you think?
Br,
Lin Murong
=
To set vacati
The other trick with static routes on SPLAT is to add them in via the
normal route add command, then add the last route via the sysconfig
menu. This will save all routes and all of them will be loaded upon
reboot.
Regards,
Trevor
Trevor Lee
Network Engineer
There are some challenges though. I have done this before and you must
be very careful with your NAT rules that will translate the remote
addresses on both sides. You also need these local NAT'ed addresses to
be part of the local firewall's encryption domain. It's a bit tricky,
but it's doable. Goo
On 12/19/05, cisco4ng <[EMAIL PROTECTED]> wrote:
>
> 1) My nokia is an IP740 with 1GB of RAM. I run NG FP3 w/ HFA 325. When
> the
> CPU is at 99% and I run "fw tab" commands, it actually crashed the firewall
> twice,
Wow! - Do you have that utilizatoin normally? - it is of good practice
to leav
Jarmoc, Jeff wrote:
> Has anyone been able to get Zebra 0.94 running on SPLAT?
>
> SPLAT comes with 0.93b installed, and we're having issues where it seems
> to be sending out of sequence DBD updates. I wanted to try upgrading to
> 0.94, but obviously there's no compilers on splat with which to
Thanks in advance. I am wondering if anyone out there has set up a site to
site VPN between 2 networks with the same IP address scheme. Also the VPN is
between a NG AI firewall and an NGX firewall.
Thank you,
Zoran Rankovich
Sr. Network Engineer
MacNeal Health Network
708-783-3556
This messag
Although I have not tried, this should work by using NAT. Do not select
"Disable NAT in VPN tunnel" in the VPN Community...RK
>>> [EMAIL PROTECTED] 12/20/2005 2:31:32 PM >>>
Thanks in advance. I am wondering if anyone out there has set up a site to
site VPN between 2 networks with the same IP ad
The hard drive on my IP120 died. My support contract has expired. I
purchased a replacement hard drive and need help with installing IPSO
3.8 onto it.
Can someone tell me how to get the boot manager and IPSO 3.8 on the new
drive? I've downloaded the boot manager and latest IPSO from nokia's
web
cisco4ng wrote:
Hi everyone,
I've been struggle for the past couple days to find out how to
figure out the maximum of conncurrent connections, packets per
seconds (pps), and number of connections per seconds going
across a Nokia/SPLAT firewall. Let me give a few examples:
Example #1
We encountered the same issue when the changed they manner in which routes were
done. We used to have
this taken care of with a static-route file. Checkpoint sent us the following
shell scrip that takes
a standard format static-routes file and puts it into the network configuration
file. It only
if you are using a lot of nat I have found this to help a lotalong with the
other performance settings below:
Adjusting the NAT tables parameters - size and hash
In environments with large (> 25000) number of concurrent connections with
address translation increase the NAT tables size and hash s
At 16:32 20.12.2005, you wrote:
Hi ,
What's the best way to put a cluster on windows 2003 ?
well - the best way imho is not to use windows as a firewall ...
Is it possible to use only services providing by miscrosoft or should I
use a software like stonebeat ?
you can use clusterXL (from C
Hi ,
What's the best way to put a cluster on windows 2003 ?
Is it possible to use only services providing by miscrosoft or should I
use a software like stonebeat ?
B.R
Youssef.
=
To set vacation, Out-Of-Office, or away messages,
s
Hi everyone,
I'm currently making a site-to-site VPN between 2 ClusterXL on SPLAT and a
external SPLAT without cluster. All are on NG AI R55, not NGX.
I'm searching some documents on the Web or recommendations to set time of
parameters "Renegociate IKE security associations" (in minutes) and
"Rene
Hi Eamonn,
thank you very much for your advice; however, I upgraded the Nokia to
HFA_327 and
it actually made the problem worse so I had to roll back to hfa_325.
Yes, the fwd process takes up 99% of the cpu. The weird part is that the
memory on
the nokia maxes out at about 4
We are using NGX Client on XP SP2 with firewall on without any issues.
Have you tried in another machine?
Tom Brown wrote:
I have installed NGX SecureClient (598000191_1) on my laptop (XP SP2)
- so
far so good. When I try and create a new site, I give it the IP address,
click Next and I g
I have installed NGX SecureClient (598000191_1) on my laptop (XP SP2) - so
far so good. When I try and create a new site, I give it the IP address,
click Next and I go straight to the Select Connectivity Settings screen,
bypassing the Authentication screen altogether (so I can't select my
certfic
hi cisco4ng,
just in case you weren't aware, HFA 327 is available for NG FP3. from the
release notes, the "resolved issues" section states:
327-1 FireWall-1
Improved consumption of file descriptors on the fwd process.
Install on: SmartCenter Server & Enforcement module.
327-2 FireWall-1
In cer
Sysconfig then pick the add route
Very friendly menu
PB
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Shane
Presley
Sent: 19 December 2005 20:05
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: [FW-1] SPLAT: static routes
Hi,
I have experience on Splat with ClusterXL on Cisco Switches, and some Cisco
routers, but not in load sharing mode, only in active/passive mode. All is
working well !
I have also a testing environnement with Splat+ClusterXL with 2 old Cisco
2600 which simulate Internet, all on a Cisco Catalyst
21 matches
Mail list logo
