Ich werde ab 20.04.2006 nicht im Büro sein. Ich kehre zurück am 28.04.2006.
Ich werde Ihre Nachricht nach meiner Rückkehr beantworten. In dringenden Fällen
wenden Sie sich bitte an Herrn Heinrich Poetz.
I will reply to your message after my return. In urgent cases please contact Mr.
Heinrich Po
I'm using a different subnet for office mode and Ip pool. the file was
already in the modules, I just edited with vi. I've installed the policy but
I'm making tests and it's not receiving the ip from the file but from the
office mode pool.
Regards,
lino
-Original Message-
From: Mailin
If that is the very last line, it's probably OK. I believe you did say you
put the file on the enforcement module manually, didn't you? This is one of
the rare files that does not get pushed from the management server; it must
be placed manually on the firewall itself.
What IP address is it as
Hi guys,
my firewall(R55) not always but sometimes reject (in
smartDefebse) CIFS nbsession
here is the complete info from the log
Product: Smart Defense
Attack: Name CIFS worm
Action: Reject
Service: nbsession
Source: 192.168.1.2 (only this secure_remote user)
Destination: email server
Protocol: T
thanks, it did help.
--- Matthias Leu <[EMAIL PROTECTED]> wrote:
> Sam Ghannadi wrote:
> > hi guys,
> > Can I create a rule on R55 checkpoint firewall
> with
> > some restriction on FTPing to some server either
> PUT
> > or GET?
> > I looked on FTP services, none of them has that
> > option. I ju
When I do a vpn ipafile_check ipassignment.conf detail
Everything looks ok and then at the end It gives me an error of End of File.
Could not read line x in conf file - maybe EOF
Is this correct? Or it should I do something?
Best Regards,
Lino Avila
-Original Message-
From: Ma
Haven't done that before but it seems like crating a resource is the way
to go. It looks like it's designed for that.
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Sam
Ghannadi
Sent: Thursday, April 20, 2006 12:11 PM
To: FW-1-M
Check your SmartDefense features.
Under "Application Intelligence" ---> "FTP" > "FTP Security Server"
from there you can restrict commands via "Allowed FTP Commands".
Christian Chiaverini
CCSE
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PR
> Afternoon all, I just wanted to confirm a setup for authenticating
> SecureClient Users by a Radius server.
>
>
>- Created Host Object where the Radius Server resides
>- Created Server Object using Radius as the authentication method and
>set the hostname as per the previous step
>
Sam Ghannadi wrote:
> hi guys,
> Can I create a rule on R55 checkpoint firewall with
> some restriction on FTPing to some server either PUT
> or GET?
> I looked on FTP services, none of them has that
> option. I just like to give users permission to GET
> not to PUT on a SUNserver (FTP).
> Thanks,
hi guys,
Can I create a rule on R55 checkpoint firewall with
some restriction on FTPing to some server either PUT
or GET?
I looked on FTP services, none of them has that
option. I just like to give users permission to GET
not to PUT on a SUNserver (FTP).
Thanks,
Sam
___
I think you may also have to make sure ESP is labelled as a
"bidirectional" or "stateful" protocol (I also forget the wording).
Otherwise, the firewall won't recognize responses, and you'd need two
rules for every host that's supposed to talk ESP.
Mark
-Original Message-
From: Mailing lis
Afternoon all, I just wanted to confirm a setup for authenticating
SecureClient Users by a Radius server.
- Created Host Object where the Radius Server resides
- Created Server Object using Radius as the authentication method and
set the hostname as per the previous step
- Created an
Also note that you cannot give an IP which is part of your encryption
domain. You should use a totally different subnet (different from your
officemode pool) for the ipassignment.conf to work.
Regards,
Ramki
Lino Eduardo Avila Rodríguez wrote:
I have configured office mode and It works ok,
Try using TCP mode instead of UDP (default). That may help.
Regards,
Ramki
fwguru wrote:
Hide-NAT works fine with Cisco VPN clients behind a CP. I have had to
static-NAT some Cisco VPN clients to get it to work -- that was some time
ago, not recently.
If you have the proper ports open then ch
Hi,
Thanks for your quite thorough explanations. If that so, beside not to
use VLAN tagging (but only in Cisco switches), is there any important
settings that I should take note? I just knew that I have to disable
IGMP snooping on Cisco switches.
Thanks very much.
Regards,
Alex
Fabrice BA
Hi,
as you talk about "First, VLANs cannot be used in the synchronization
network in any version", I understand you have only one physical link to
each Cisco 6500 per each Checkpoint server. So, I deduce you wanted to
enable VLAN tagging on this physical interface, which would support all your
net
17 matches
Mail list logo