We are running an management station on Win2003 spk1 and R61. My FW
lic is tied to one internal ip address unlimited.
When I compile the rules it completes with warnings and displays info below.
Installation TargetsVersion Policy TypeDetails
gatekeeper NGX R61 Advanced Security
In OpenBSD and pf you can do port redirects for servers on the DMZ.
Basically, BSD FW has public addresses assigned to it so it can answer
for a port 80 to public address and then can redirect to internal DMZ ip on
say port 8080.
So, with checkpoint the Web server on the DMZ has internal address
I am running Windows 2003 spk1 and R61 hfa01.
I can not log in to my SmartDashboard. After entering my username and
password an error window will appear saying:
The connection has been refused due to one of the following
SmartCenter certificate problems:
1. The SmartCenter Server's Clock is not
I was running Windows 2003 spk1 and R61 hfa01 and moved to R65. In R61 in
SmartView tracker I could set a query to resolve names in the logs. I could
then just put my mouse over an object or resolved name and it would display
an ip address. You could also just double click on a record and in
We are running NGX R65 (no hfa's) management station on Win 2K3 spk2
and all windows updates.
I am trying to install HFA03. I unzip the file fw1_R65_HFA.tgz and
run setup and it installs normally and I then reboot the machine. If
I try to run Checkpoint configuration I get the error.
We are running NGX R65 (no hfa's) management station on Win 2K3 spk2
and all windows updates.
Sorry, I am trying to install HFA-30. I had unzipped HFA-30 and
burned it to cdrom and ran setup.bat, but it gave a bunch of errors
not finding paths. I then unzip the file fw1_R65_HFA.tgz and run
We are running NGX R65 HFA-30 management station on Win 2K3 spk2.
With checkpoint r65 can I setup a rule to only allow mail in to the
DMZ if it is addressed to [EMAIL PROTECTED] somehow?
This would be mail coming into the firewall.
thanks,
rlocus
Scanned by Check Point Total Security
With checkpoint r65 can I setup a rule to only allow mail in to the
DMZ if it is addressed to [EMAIL PROTECTED] somehow?
This would be mail coming into the firewall.
you can do this with smtp resources.
this is described in the checkpoint documentations.
However keep in mind that you might
We are running NGX R65 HFA-30 management station on Win 2K3 spk2.
This was upgraded from R62.
On R62 in smart defense I could activate Dshield storm center-block malicious
ip's with no problem.
Now with R65 if I activate Dshield and block malicious ip's the FW starts
dropping http traffic? Not
I am running Windows 2003 spk2 and R65 HFA03.
On the internal network we have 11 Polycoms that sometimes need to
connect through FW1 to public Polycoms and bridges. Right now I am just
allowing H323 traffic and it seems to work, but the video also seems to drop
out a lot. We have a lot of
If you are just running Splat R65 and SD on a Dell box and go to R70, do
you lose your SD. Can the IPS software run like SD on the same
box or is this now buying hardware?
thanks,
rlocus
Scanned by Check Point Total Security Gateway.
Scanned by Check Point Total Security Gateway.
I am running Windows 2003 spk2 and R65 HFA 03.
I setup one rule to allow internal polycom using static ports from polycom
that is static nated at firewall.
H323 1720 1720 TCP protocol none
TCP 3230 3235 TCP
UDP 3230 3253 UDP
RAS 1719 1719 UDP protocol none
When internal polycom calls out
I am running Windows 2003 spk2 and R65 HFA 03. SmartDefense is up to date.
When I go to Smart Defense, Web Intelligence, HTTP Protocol
Inspection, Header Rejection and try to select or deselect a header
check box I get this type of error.
Failed to save object.
server error is Validation error
I am running Windows 2003 server spk2 and R65 HFA05.
If I use smartdashboard hfa01 from my windows xp box and login to the
firewall I can make changes as needed. The next time I try to login to the
firewall from my winxp box using smartdashboard I get a Please make sure
server is up and running
I have it set to Rematch connections. Maybe I should change it
to Keep all connections and just let existing connections end when
communications end?
thanks,
cmoon
---
Date:Tue, 23 Feb 2010 15:35:32 -0800
From:Gary Scott accesslimi...@yahoo.com
Subject: Re: proxy server
Site is running Windows 2003 spk2 and R65 hfa60.
This is a single FW environment. I want to migrate to R70 Splat.
I want to build this up without using upgrade_import/export. Once I
get the new R70 Splat FW setup and change licenses through checkpoint,
will the existing Windows FW (still
I have R65 hfa60 running on windows 2003. 4 interfaces, 2 internal
and 1 dmz and external. Everything on this simple clone box works
good.
I am testing with r71.1 SPLAT on a dell power edge 2950 two on board
nic’s and intel pci express with 4 ethernet jacks. I am moving
objects and policy with
I have a dell PowerEdge running Gaia R75.04 that is a security
gateway and security management server. I need to turn this into a
distributed deployment with security gateway cluster and security
management server on different computer. What is the best method to
do this? How do I get all my
Trying to decide on two Check Point Appliances to use in a Cluster.
Do you have any recommendations, I was thinking about one of the
Models below. We need at least 8 ports.
Present firewall is a Dell PowerEdge 2950.
We are running R75.40 Gaia and just the IPS blade.
We would like to add in some
19 matches
Mail list logo
