[FW1] CP 4.1 Reporting Module

2000-09-27 Thread Kevin Cheong
Dear all May I know do I need any license in order to use the Reporting Module that comes with the CP 4.1 CD. Thanks. Best regards __ Do You Yahoo!? Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free! http://photos.yahoo.com/

RE: re[2]: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Mike Glassman - Admin
Release clientss ? I only have one version from them which I got over 2 months ago. Are there others ? Newer ones ? Why didn't they send me notification *Starting to get bloody pissed off here with them*. Mike > -Original Message- > From: Joe Voisin [SMTP:[EMAIL PROTECTED]] > Sent

RE: re[2]: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Mike Glassman - Admin
I havn't yet used the SR to attach to servers, but this is a next step. At the moment I'm using it mainly for external to email-internall issues and so far no probs at all. I'll feedback as soon as I have tested it. Mike > -Original Message- > From: Dan Hitchcock [SMTP:[EMAIL PROTECTED

RE: re[2]: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Mike Glassman - Admin
Well, if they are waiting for the release of Windows 2001, then they will have a long wait as there is no such product in the planning. Probably a lot of Service Packs or Service Releases. The next probable (you never really know) is based for 2003 *Shrug*. I cannot understand why CP are so slow

[FW1] FW1 vs SunScreen

2000-09-27 Thread Thomas Nau
Does anyone have experience with SunScreen 3.*. and FW-1? Any hints on good/bad points eg performance, pricing, licenses-stuff, vulnerabilities, ... Thanks, Thomas == PGP fingerprint B1 EE D2 39 2C 82 26 DA A5 4D E0 50 35 75 9E ED == Thought you got rid of all year 2k

Re: [FW1] anti-spoofing on fw-1 4.1

2000-09-27 Thread Kohichiroh Watanabe
>I have a Firewall-1 version 4.1 in place that I would like to put >anti-spoofing rules onto. >I go to the firewall network object and edit the interfaces. However, >I only get a General Tab, there is no Security tab which is where I >expected to find the Valid addresses fields. Did you se

RE: [FW1] Cant connect to Management Server.

2000-09-27 Thread Carl E. Mankinen
Generally, it's not a good idea posting your CP serial # to the mailing list I would think. You might want to sanitize whatever info you post here, including ip addressing of your network. Are we all white hats here? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On

RE: [FW1] anti-spoofing on fw-1 4.1

2000-09-27 Thread Frost, Timothy E
> -Original Message- > From: MikeCC [SMTP:[EMAIL PROTECTED]] > Subject: [FW1] anti-spoofing on fw-1 4.1 > > > Hello, > > I have a Firewall-1 version 4.1 in place that I would like to put > anti-spoofing rules onto. > > I go to the firewall network object and edit the interfaces.

[FW1] Net Mon 2 breaks NT GUI client

2000-09-27 Thread Ian Campbell
Yes it does. I'm running NT 4 Server SP6a on my desktop and the GUI clients worked great. I was having a filtering problem on my router and wanted to capture some ftp packets to see what the problem might be. I installed Net Mon 2 from SMS off the MSDN CD's we have (This version puts your NIC in

[FW1] anti-spoofing on fw-1 4.1

2000-09-27 Thread MikeCC
Hello, I have a Firewall-1 version 4.1 in place that I would like to put anti-spoofing rules onto. I go to the firewall network object and edit the interfaces. However, I only get a General Tab, there is no Security tab which is where I expected to find the Valid addresses fields. It has bee

[FW1] fwauth.NDD changes??!!

2000-09-27 Thread raed al-tamim
In regards to my previous email , After moving the FW1 gateway, I found out that my license is hostid base and not IP, but I found the fwauth.NDD file to have inside of it the old IP address of the Gateway Does anyone know how I can regenerate the authentication file (fwauth.NDD), so I can change

[FW1] VPN-1 SP2 & SecuRemote Version 4115

2000-09-27 Thread Bob Bisignani
Has anyone upgraded to version 4.1 SP2 on VPN-1 while still using the old client 4115 using FWZ? Thanks Bob _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about you

Re: [FW1] Install on AIX ???

2000-09-27 Thread Kohichiroh Watanabe
Almost same as 4.0 except some details.(install dir, config command etc) See detail at "Getting Started Guide". PDF version is available in installation media. /* IBM Japan,Ltd. */ /* IGS, e-Business Enablement Services / ERS-J */ /* K

RE: [FW1] Export rulebase from v4.0 / Import rulebase to v4.1

2000-09-27 Thread Frost, Timothy E
http://www.phoneboy.com/fw1/faq/0123.html -- Timothy Frost mailto:[EMAIL PROTECTED] EDS New Zealand Fax: +64-4-495-0473 8 Gilmer TerracePhone: +64-4-495-0504 P O Box 3647 Wellington New Zealand > -Original Message- > From: Graha

RE: [FW1] Cant connect to Management Server.

2000-09-27 Thread Frost, Timothy E
Rodrick, > From: Rodrick Brown [SMTP:[EMAIL PROTECTED]] > Subject: [FW1] Cant connect to Management Server. > > > > Anyone here know what could be causing this > > After trying to connect to my management server from a nt gui client Im > getting this error. > Yes I added the nt clien

RE: [FW1] NT user authentication

2000-09-27 Thread Carl E. Mankinen
You installed FW1 on a BDC? So your BDC is exposed to the Internet? Are you nuts? Try this, whip out SystemScanner 6.1 or SuperScan or whatever... Port scan your firewall from the internet. Notice the ports you have open. >From the firewall, simulate a FW1 service failure"kill -f fw.exe" Now

RE: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Craig Baltzer
I have this on 1 W2K box (out of 20+ that are running 4165 on W2K). The only diff. with that box is that its been "upgraded" from the W2K beta code (rest were clean installs with production W2K). When I get a chance I'm going to re-do with a clean install and see if that helps... Craig -Ori

Re: [FW1] Installing SP2 on Solaris 2.8

2000-09-27 Thread Lance Spitzner
On Wed, 27 Sep 2000, Firebird wrote: > I just decided this afternoon to install SP2 on the Cp FW-1 v4.1 > install we have on a Solaris 8 SUN station. Installing the FireWall was > quite easy, now I encountered the problem, after downloading SP2, > gunzipped an untarred it, that I couldn't fi

Re: [FW1] automating script to restart MDQ

2000-09-27 Thread Ryan Joffs
Aloha, First of all don't use csh for scripts. it just doesn't work. Try this script #!/bin/ksh # uncomment one and only one of the following statements to set the pid variable. # the first is a Linux and the second is Solaris this script works on either. with the # correct ps statement #pid=`p

[FW1] Cant connect to Management Server.

2000-09-27 Thread Rodrick Brown
Anyone here know what could be causing this After trying to connect to my management server from a nt gui client Im getting this error. Yes I added the nt client machine to the gui-clients conf file but still im not able to connect. Anyone can assist me. I will really appreciate it. # fwm:

Re: [FW1] Seg fault...

2000-09-27 Thread Firebird
Hey Randall, Yeah, I suppose keeping the /conf/ dir is sufficient to get my old configuration (As I applied the patch, it made a tarball of this directory. I'll first try to upgrade to SP2 since this is the one I really need. Thank you for your help, I already thought to that, and I thin

RE: [FW1] Seg fault...

2000-09-27 Thread John Li
found this on phoneboy.com. hope it helps... --- Has only loopback (lo) interface, aborting... Q: When attempting to install a policy, I get the following error message: Installing Security Policy foobar on all.all@firewall Has only loopback (lo) interface,

[FW1] CheckPoint 3.0b media

2000-09-27 Thread Robert Spadafora
Does anyone know where I can get Checkpoint 3.0b firewall media? Thanks Rob S. To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.

RE: [FW1] problem - same reserved addressing on networks and VPN tunneling -- correction

2000-09-27 Thread Frank Knobbe
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Small typo in a paragraph: I meant: The other firewall does the same. Same objects and rules (name differently to avoid confusion). Now, packets with Src IP 192.168.1.0, dest IP 10.10.2.0 are translated on your firewall to src 10.10.1.0 dest 10.10.

Re: [FW1] Seg fault...

2000-09-27 Thread Randall Kizer
One of the "trainees" in our office was given the task of installing FW-1 SP2 on a Solaris 2.7. I'm not sure how he installed it (because he wanted to "try it without [my] help"), but he had the exact same problem. My solution: I removed all of the Check Point packages he installed and start

RE: [FW1] problem - same reserved addressing on networks and VPN tunneling

2000-09-27 Thread Frank Knobbe
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > -Original Message- > From: davidxs [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, September 27, 2000 4:19 PM > > I have a problem > > I need to connect my FW-1 4.0 to a remote firm's FW-1 4.1 via > VPN tunnet ala > ISAKMP > > The other f

[FW1] CheckPoint Install Problems (2) (fwd)

2000-09-27 Thread Rodrick Brown
-- Forwarded message -- Date: Wed, 27 Sep 2000 19:08:04 -0500 (EST) From: Rodrick Brown <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: CheckPoint Install Problems (2) Ok when im trying to connect to my management server from nt client im getting this error, fwm: No licens

[FW1] CheckPoint Install Problems (2)

2000-09-27 Thread Rodrick Brown
Ok when im trying to connect to my management server from nt client im getting this error, fwm: No license for client both on the client and on the stdout on my solaris machine. Which license is it talking abnout ?? Ive already install the checkpoint fw license do I need a license for the mana

[FW1] NT user authentication

2000-09-27 Thread Dave Hood
Hi Guys, I've read some of the lists archives about this but I'm still not 100% on it. I am wanting to authenticate my internal network's NT users for web access. The firewall (4.1) is a BDC in the domain. Am I correct in saying that all i do is set the authenication rule to the OS for the www s

[FW1] Seg fault...

2000-09-27 Thread Firebird
Hello guys, Ack... I just installed SP2 on the FW-1 v4.1 on Sol8 and rebooted the machine. I now have a segfault : | FireWall-1: Fetching Security Policy from localhost | Trying to fetch Security Policy from localhost: | Segmentation Fault - core dumped Further error are : | Has

RE: [FW1] Installing SP2 on Solaris 2.8

2000-09-27 Thread Randall Kizer
I've installed SP2 on several machines, and I've used "patchadd" - as documented in the release notes (p.11). At 09:57 PM 9/27/00 +0200, Firebird wrote: > Hi, > > > It is just a simple pkg addition. > So that's it, if I pkgadd the package, it will upgrade the FireWall ? >How easy... Is

[FW1] Date: Wed, 27 Sep 2000 15:29:57 -0700

2000-09-27 Thread Paul DeHerrera
Is there anyone out there using CheckPoint FW-1/VPN-1 on Redhat Linux? Having troubles with it? Please reply offline Paul DeHerrera Large Scale Biology [EMAIL PROTECTED] 707.469.2357 http://www.lsbc.com T

putkey and too many firewalls

2000-09-27 Thread Pere Camps
Hi! I've been debugging the following setup for the last couple of days: policy pvt net pvt netinternet server fw-1 A --- fw-1 B fw-1 C --- The policy server is for all three firewalls (in fact, it serves many more and in HA mode, but th

[FW1] User Defined Alert in fw-1 version 4.1

2000-09-27 Thread Christine Lee
Hi, I'm trying to export my fw-1 logs to syslog using user defined alerts. In the log & alert tab in the properties window, I have user defined alert command set to : /usr/ucb/logger -p 0.3 This worked fine in my fw-1 version 4.0 firewalls, but it is not working on my 4.1 firewalls. They a

RE: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Little, Craig (SSI-SIAP-NP5)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 While we're on the topic of the Win2K beta, has anyone else with 4165 noticed a problem using the Windoze Outlook mail client (the full client, not Outlook Express). Every time I press the send button, I get a nice blue screen - something I haven't s

[FW1] problem - same reserved addressing on networks and VPN tunneling

2000-09-27 Thread davidxs
Hello, I have a problem I need to connect my FW-1 4.0 to a remote firm's FW-1 4.1 via VPN tunnet ala ISAKMP The other firm is using the same reserved addressing internally as I am. Is there any configuration via FW-1 that can fix this problem? Nat?? If not any recommendations as how to work

RE: [FW1] IIS Authentication (NT Challenge/Response) thru FW1

2000-09-27 Thread Dan Hitchcock
Your issue may have to do with the token-passing behavior of Internet Explorer. If you are using Netscape, you're out of luck; with Internet Explorer, however, you can make some changes to improve this situation. By default, IE will only send NTLM authentication traps to sites defined as "local

[FW1] RE: RE: (FW1) Installing SP2 on Solaris 2.8

2000-09-27 Thread Marc Jacquard
Yup. You are right. I was thinking of the upgrade packages. Marc Jacquard SR. Systems Engineer Fujitsu America, INC. Hilo Office email: [EMAIL PROTECTED] Telephone: 808-934-4103 Pager: 888-787-5814 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday,

RE: [FW1] Securemote Issue....

2000-09-27 Thread Dan Hitchcock
Title: RE: [FW1] Securemote Issue If the machine already has an address bound to any of its adapters that is inside the encryption domain (as would be the case in the "take the PC home" scenario, SecuRemote will never prompt for authentication at all, as it will assume that encryption is

RE: [FW1] Telnet timeout question

2000-09-27 Thread Sexton Matt
Doesn't that open the gateway up? If you change to outbound then you're not filtering what's coming in? You can only crank it up anyhow? Isn't there a way to allow a particular object NOT to timeout? -Original Message- From: Gopinath Pulyankote [mailto:[EMAIL PROTECTED]] Sent: Sunday,

RE: [FW1] Installing SP2 on Solaris 2.8

2000-09-27 Thread Firebird
Hi, > It is just a simple pkg addition. So that's it, if I pkgadd the package, it will upgrade the FireWall ? How easy... Is there no existing doc 'bout that ? So long, Firebird To unsu

[FW1] in.lhttpd license question

2000-09-27 Thread Chris Heerschap
Hi- Background: I'm not a firewall-1 administrator, I have a firewall which is spitting out many errors and our FW-1 administrators don't know how to fix it. So please be kind if this is a common question. I found the archives but didn't see a search. The in.lhttpd.log file is getting filled

RE: [FW1] Installing SP2 on Solaris 2.8

2000-09-27 Thread Marc Jacquard
It is just a simple pkg addition. Marc Jacquard SR. Systems Engineer Fujitsu America, INC. Hilo Office email: [EMAIL PROTECTED] Telephone: 808-934-4103 Pager: 888-787-5814 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Firebird Sent: Wednesday, Septemb

[FW1] Site Server

2000-09-27 Thread MJohnston
Are there any ports that need to be opened on FW1 to allow Site Server to push and pull web content to/from the localnet to web servers on the Internet? Thanks, Michelle _ Michelle Johnston Network Manager, NHRA 2035 Financial Way Glendora, CA 91741 phone: 626-914-4761 x256 f

[FW1] automating script to restart MDQ

2000-09-27 Thread c_siddika
Hi All, I have a script but it does not seem to work. I also need to automate the script to run every 60 minutes through some kind of cron job. Can you tell me what is wrong with the script and how can I automate it. I would appreciate a quick response. Here is the script (restartmdq) I have w

[FW1] Installing SP2 on Solaris 2.8

2000-09-27 Thread Firebird
Hi guys, I just decided this afternoon to install SP2 on the Cp FW-1 v4.1 install we have on a Solaris 8 SUN station. Installing the FireWall was quite easy, now I encountered the problem, after downloading SP2, gunzipped an untarred it, that I couldn't find any doc on How to install or

RE: [FW1] UDP Port 43188?

2000-09-27 Thread Daniel Kieng
Here is the company name that scan your network. Good luck! Northern Telecom, Inc. (NET-NTMTV) 685A East Middlefield Road Mountain View, CA 94039 Netname: NTMTV Netnumber: 137.135.0.0 Coordinator: Yamaoka, Cliff (CY30-ARIN) [No mailbox] (415) 940-2245 > Daniel Ki

Re: [FW1] UDP Port 43188?

2000-09-27 Thread David C. Diemer
Documentation I have says this TCP port is commonly used for ReachOut. David C. Diemer, CCSA, CNE Enterprise Security Firewall Engineer Georgia Department of Administrative Services (DOAS) [EMAIL PROTECTED] 404.651.9677 >>> "Jarmoc, Jeff" <[EMAIL PROTECTED]> 09/27/00 02:23PM >>> I'm noticing l

RE: [FW1] SR 4165 + IKE + NAT = broken

2000-09-27 Thread Jim Brown
Craig, I think I have seen this problem before. Encrypted packet=external DSL router IP and decrypted packet=private client IP. The firewall will decrypt the packet and then make a routing decision. The decrypted packet will have the actual private address of the client behind the DSL router. I

Re: [FW1] UDP Port 43188?

2000-09-27 Thread Jason Witty
>From http://www.wittys.com/files/all-ip-numbers.txt , this is supposedly "Reachout". Reachout is an application very similar to pcAnywhere, Remotely Possible (Control IT), VNC, etc. Hope this helps! Jason "Jarmoc, Jeff" wrote: > > I'm noticing lots of entries in my logs destined for this po

RE: [FW1] Install on AIX ???

2000-09-27 Thread Joe Voisin
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 It runs fine, just follow the instructions. It was really simple as long as you follow the instructions to the letter. ;-) I also recommend getting service pack 2 installed once you have it installed. Make sure that your version of AIX is suppor

Re: [FW1] E-Security Monitoring

2000-09-27 Thread Scott Schindler
Our solution is not about replacing employees. This is not a management software piece. It is about maintenance and notification. We will also have the capability of pushing upgrades and service packs to all of the machines in the future, but that is not our current goal. Our company does hav

[FW1] UDP Port 43188?

2000-09-27 Thread Jarmoc, Jeff
I'm noticing lots of entries in my logs destined for this port. The source IP is 137.135.128.101 which belongs to Nortel according to ARIN. However, the ARIN contact information is out of date. Does anyone know what this port would be used for? I'm receiving at least one packet every 5 second

RE: [FW1] Install on AIX ???

2000-09-27 Thread Jason Maley
It is in the getting started manual. (Just use smit to do the install - also make sure that the OS version is supported before trying the install). -Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Nicolas MIET Sent: Wednesday, September 27, 2000 8

[FW1] Advice requested on proxy URL filtering

2000-09-27 Thread Jim Hutchison
Greetings all,   Looking for advice on http content filtering.    Actually, my prime objective is to deploy a Unix-based proxy server that has real-time content filtering that can report on NT user names, not just IPs.  Am I asking for too much in one product?   Any/all feedback appreciated

[FW1] Accelerator Card

2000-09-27 Thread wbsteele
I am trying to get a VPN Accelerator card installed and running in a Sun Ultra 60 with Solaris 7. After installing the device, booting the machine and getting to the OK prompt, running show-devs lists the device as pcicafe,1@2. I understand this to mean that the Ultra 60 sees the card. Then I i

[FW1] URL Filtering - Web Browsing problem

2000-09-27 Thread Faris, Craig
I was wondering if anyone else has experienced this.   I use FW-1 v4.0sp5 on NT4SP5. When users access websites using the FQDN of the site they are often returned the IP address to the address bar of their browser.  Some sites have a big problem with this since subsequent browses to sub page

RE: re[2]: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Dan Hitchcock
I've had a pretty major problem with SR on Win2k - wanted to know if anyone else has had it, as it may explain the delay. When connected via SR, I can do just about everything EXCEPT copy a file TO a mapped drive. I can copy files down from the server/share without problems, but when attempting

RE: [FW1] Suddenly can't access to http

2000-09-27 Thread Barringer Nick
Check that the box has enough memory - sounds strange, but I've had only HTTP traffic stop under solaris 2.6 for that reason. Nick -Original Message- From: Gan Hian Ming [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 12:44 PM To: [EMAIL PROTECTED] Subject: [FW1] Suddenly

RE: [FW1] Live365

2000-09-27 Thread Tim Cullen
You may want to take a more feasible approach. Do an nslookup on the site. Block that site first. If you still see it then blocking multiple destinations. >From what I can see of this service you have to log in to the main site to get the radio stations. Once you log in you can go to the di

RE: [FW1] Live365

2000-09-27 Thread rphelan
I just setup a domain as .live365.com and blocked all access. thanks [EMAIL PROTECTED]

RE: re[2]: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Faulkner, Andy
I spoke to the one of the product leaders for the SecuRemote product and they still do not have a firm date on when the client will be released. I think that is pitiful. The RC2 client is a fully functional client with very few problems. It is actually as reliable if not a little more than

Re: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Nico De Ranter
I had a look a the beta program, but if I understand the license correctly I will need to provide them with a name of somebody they can contact, allow them to visit our site (ok, I'm quite sure they won't do that :-) and send them a written report at the end of the trial. I really don't have tim

RE: [FW1] Live365

2000-09-27 Thread rphelan
How would I find that out? Just take the ip's from the log? There are several. Thomas.Poole@gec

RE: re[2]: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Thomas . Poole
No way they can wait until next year to support Windows 2000 with securemote. I'm not sure what the deal is, but many companies are [sniff!] moving to w2k prof as the support image/platform for remote support. Companies I support are actually looking at L2TP. I'd like to know what the holdup is?

RE: [FW1] RE:

2000-09-27 Thread Bradley Wendelboe
There is the matter of dynamic IPs > -Original Message- > From: amanda [SMTP:[EMAIL PROTECTED]] > Sent: Wednesday, September 27, 2000 9:50 AM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: [FW1] RE: > > Why would you use SecuRemote on Windows 2000? I think that

RE: [FW1] E-Security Monitoring

2000-09-27 Thread Thomas . Poole
Many small-medium sized companies that it seems you are trying to target are also not capable of hiring/maintaining a security staff. Most rely on a VAR to support the firewall Will your company, along with handling logs, be able to handle change management, setup VPN's, manage user acc

RE: re[2]: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Joe Voisin
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 No kidding! ;) I don't know what the heck they are waiting for? It seems to be months and months between release clients too. It's quite concerning.. Maybe they are going to wait until everyone's support expires and then license the remote clien

RE: [FW1] Live365

2000-09-27 Thread Thomas . Poole
Find every IP the domain is associated with, group the IP's as 365domain and drop all traffic destined. -Thomas Poole -Original Message- From: Regis Phelan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 11:16 AM To: [EMAIL PROTECTED] Subject: [FW1] Live365 How can I b

[FW1] Live365

2000-09-27 Thread Regis Phelan
How can I block this site live365.com I tried blocking the ports it comes in on but it seems like they use 20 different ones. Thanks To unsubscribe from this mailing list, please see the instructions at

Re: [FW1] Syndefender False Positives

2000-09-27 Thread David C. Diemer
Sure. SynDefender may drop packets if the timeout is too short. The timeout will determine if the firewall should perform a RST to the destination. After using it, I think passive makes more sense than active since the firewall doesn't "broker" the connection request on behalf of the desti

re[2]: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread B.J. Park
The SecuRemote beta works fine here too. I'm thinking they might be waiting to release the version for win 2000 with their firewall-1 5.0 which is coming out next yr. Just a thought. bj To unsubscribe from

RE: [FW1] FW1 Trend Applet Trap

2000-09-27 Thread Varnam, Gary
It should say CVP Applet Trap not UFP. I will end up with a CVP Applettrap and UFP Websense server. Gary -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 27 September 2000 16:00 To: Varnam, Gary; [EMAIL PROTECTED] Subject: RE: [FW1] FW1 Trend Applet Trap I t

[FW1] E-Security Monitoring

2000-09-27 Thread Scott Schindler
(Shameless sales.  Check Point monitoring included.  That's why I put it on this list.)   Do you monitor your system logs every week?  Every day?  Every second?   We can. Your Check Point firewall and all of your other application servers put some very important information in their respecti

[FW1] RE:

2000-09-27 Thread amanda
Why would you use SecuRemote on Windows 2000? I think that Win2k is supposed to include a IPsec VPN client in the OS. Amanda. On Wed, 27 Sep 2000, Mike Glassman - Admin wrote: > The standard SecuRemote is for Win9X and NT only. It will not run on Win2K. > > In order to get the Win2K version wh

RE: [FW1] FW1 Trend Applet Trap

2000-09-27 Thread Jeroen_Dongen
I think your 2nd option won't work. As far as I know one can have only 1 UFP resource for a particular rule. Jeroen -Original Message- From: Varnam, Gary [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 4:09 PM To: [EMAIL PROTECTED] Subject: [FW1] FW1 Trend Applet Trap

[FW1] FW1 Trend Applet Trap

2000-09-27 Thread Varnam, Gary
Hello, Current we use the firewall to drop any Java and ActiveX. However we have been forced to look at ways to allow Java and ActiveX but still protect the network from malicous code. My boss as dropped "Trend InterScan AppletTrap" which scans for malicous code in Java/JavaScript and ActiveX a

[FW1] Syndefender False Positives

2000-09-27 Thread John W. Booth
I am using the Syndefender features with FW-1. I am seeing alot drops siting rule 0 and Syndefender. Does anyone know any typical false positives for this type of behavior ? __ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! M

RE: [FW1] List Archive

2000-09-27 Thread Zeltser, Roman
I would recommend you to explore the following page where you may find the links to the multiple archives and FW-1 FAQ sites. http://www.rtek2000.com/Tech/InternetSecureLinks.html = Best, Roman M. Zeltser RS Information Systems, Inc. 410-

RE: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Mike Glassman - Admin
The standard SecuRemote is for Win9X and NT only. It will not run on Win2K. In order to get the Win2K version which is in beta, you need to go the the CP beta site and register and they will send you a version. The beta version has been working here for two months sanse probs so far, so I really

[FW1] Availability of FWZ1 patches for fw-1 v4.0 [VPN]

2000-09-27 Thread Roy Hills
I've noticed that the Checkpoint download site only lists the VPN+DES and VPN+STRONG (3DES) versions of the service packs for Firewall-1 v4.0 on Windows-NT. Previously, VPN (i.e. FWZ1 encryption) versions were also available, but these are no longer listed. I assume that there were also once "n

RE: [FW1] URL Filters

2000-09-27 Thread Zeltser, Roman
Title: URL Filters I would recommend you to explore the following page where you may find the links to the content filtering tools: http://www.rtek2000.com/Tech/InternetSecureLinks.html#filt Also, you may want to bookmark the following link if you find it useful: http://www.rtek2000.com/ourus

RE: [FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Andy David
Yes, Use the w2k beta Andy David J. Muller International / Egis, Inc. -Original Message- From: Nico De Ranter [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 9:07 AM To: [EMAIL PROTECTED] Subject: [FW1] Installing SecuRemote on Windows 2000 Howdy, I'm trying to in

RE: [FW1] vpn problems

2000-09-27 Thread GibsonB
Title: RE: [FW1] vpn problems My suspcicion is that you do not have your encryption domain set up properly for the Linux to NT encryption.  From what you are saying there the following is happening. Net A -> NT -> Internet -> Linux -> Net B When you send a ping from Net A to Net B the N

[FW1] Problem with IKE

2000-09-27 Thread Joe Voisin
I have been having a problem with IKE for a while. I have just realized that it has to do with our remote firewall only. I am unable to get IKE (3DES) encryption to work when attempting to encrypt data across either the Internet or our Dedicated T1. I can see my end encrypting, but the remote

[FW1] Install on AIX ???

2000-09-27 Thread Nicolas MIET
Hello, Who got an installation procedure for CheckPoint 4.1 (or CheckPoint 2000) on AIX Thx. To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.

Re: [FW1] More AKAMAI....

2000-09-27 Thread Robert MacDonald
Carl, Are you referring to RFC1918 addresses? Technically these are routable, but _most_ ISP will drop these(this is where most say they are not routable.) But if they originate from the ISP, they can do what they want. What does your ACL's look like for blocking these? Should be something like(

RE: [FW1] Nokia static route problem with rfc 1918 (private address space u sing 192.168.1.x)

2000-09-27 Thread GibsonB
Title: Nokia static route problem with rfc 1918 (private address space using 192.168.1.x) While I am not certain I suspect that IPSO doesn't like that address because .6 would nominally be the broadcast address for that subnet.  If you either increased the subnet size or tried .5 or .4 it wou

[FW1] Installing SecuRemote on Windows 2000

2000-09-27 Thread Nico De Ranter
Howdy, I'm trying to install the SecuRemote client on Windows 2000. I downloaded the latest 4.1 SP2 client (build 4165) (which should work according to phoneboy.com) but when I run the installation program I get a message that the client needs nt 4.0. Did anybody succeed in getting SecuRemote t

RE: [FW1] Securemote Issue....

2000-09-27 Thread GibsonB
Title: RE: [FW1] Securemote Issue I would suggest that you either make sure that SecuRemote is bound only to dial-up adapters or release the IP address from the NIC when you bring the machine home. > -Original Message- > From: Amit Saha [mailto:[EMAIL PROTECTED]] > Sent: Wednesday

[FW1] Export rulebase from v4.0 / Import rulebase to v4.1

2000-09-27 Thread Graham Leggett
Hi all, I have an existing v4.0 firewall installation. Going through the upgrade procedure turned out to be a disaster, so we're going with plan B: Install v4.1 from scratch. So - we have an up-and-running working parallel v4.1 installation sitting next to the original v4.0 installation. We now

RE: [FW1] URL Filters

2000-09-27 Thread Stephan Dubeau
I agree with you Mike on all point, we bought WEBSENSE and now just recently upgrade from 3.12 to 4.2 (Win NT for Firewall-1) and it is working great. I never have the problem describe in this list a few week's ago. It's working flawlessly for 1 mouth now (on 4.2). Very satisfied with it and I w

RE: [FW1] Securemote Issue....

2000-09-27 Thread Andy David
Remove NIC before you boot. Andy David J. Muller International / Egis, Inc. -Original Message- From: Amit Saha [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 6:52 AM To: Fw-1-Mailinglist (E-mail) Subject: [FW1] Securemote Issue Hello All, we have Checkpoint 4

[FW1] Suddenly can't access to http

2000-09-27 Thread Gan Hian Ming
Title: Suddenly can't access to http  Hi there, I am hoping someone there can give me some help on this problem I have. My company firewall just upgrade to version 4.1 on August. The firewall also is a DNS server.  It can't access to internet and it's happen twice, one on August a

RE: [FW1] Upgrade NT 4.0 SP6a VPN-1 4.1 SP1 To Windows 2000

2000-09-27 Thread Thomas . Poole
Since the 4.1 sp2 software for w2k is still in beta, I would say that checkpoint would not recommend this at all. sp1 will not run on w2k correctly. Thomas Poole -Original Message- From: Bob Bisignani [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 26, 2000 2:26 PM To: [EMAIL PROTEC

Re: [FW1] URL Filters -- Websense

2000-09-27 Thread the kaptain
hmm, i'm eval'ing websense v4 w/ fw-1 and it seems to work ok, but that's another matter. you could also take a look at surfwatch or surfcontrol (they're one company now, but i think they still support 2 different products) they're a bit different in that surfxxx uses a sniff and spoof technique,

[FW1] Unknown WWW Server

2000-09-27 Thread Mike Anning
I am still having problems with this error message when attemtping to access certain web sites through our Nokia, http://www.google.com is one good example. Running IP 440 with V4.0 SP5 IPSO 3.1.2 and Websense 3.12. I have tried the objects.C modifications in Nokia Resloution 3043 and also che

[FW1] Securemote Issue....

2000-09-27 Thread Amit Saha
Hello All, we have Checkpoint 4.1 SP1 and we are using securemote to connect to our internal LAN via internet. However, there are some laptops which are used in office as well as home. I have bound the securemote to the dial-up adapter. (OS is windows 98). When i am using the laptop in the offic

RE: [FW1] eSafe v3.0 and/or v2.1 build 101 - a quick look

2000-09-27 Thread Samuel Wuethrich
I'm running at different customer sites using espg 21. build 101 on NT 4.0 SP6. Works well. May you can tell me off-line which problems you want to point out. As Mike already said, Esafe 3 is another story. 'Playing' with Esafe 3.0 it seems that this version acts like a kind of Firewall because y

[FW1] authentification between FW-1

2000-09-27 Thread Bernard LE ROUX
> Hello all, > I have one FW-1 management and 20 FW-1 modules on NT4 server. The wan is > ISDN between differents FW-1. > When the authentification fail between management consoles and FW-1 > module > , the module try to authenticate every 30 seconds > (this is a normal) to the management conso

  1   2   >