Re: [FW-1] Problems with DMZ network with NG AI R54!

Subject:	Re: [FW-1] Problems with DMZ network with NG AI R54!
From:	Lars Higham <lhigham AT YAHOO DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Fri, 26 Mar 2004 14:30:41 -0400

Hello Raz,

Can your DMZ be reached from the Internet with the firewall software stopped
(leaving IP forwarding on)?

Obviously you don't want to leave it like this for any length of time, only
for reachability testing.

Regards,
Lars Higham

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Raz 
BIRAMAH
Sent: Friday, March 26, 2004 1:30 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Problems with DMZ network with NG AI R54!

Hi All,

Could somebody help me? I have a FW module with 4 interfaces dispatched like
this :

-          eth0 connected to the LAN via a switch
-          eth1 connected to the VPN via a Cisco VPN Router
-          eth2 connected to the DMZ via a switch
-          eth3 connected to Internet via a VSAT Router (RG2000)

Despite putting a specific rule, just after the Stealth one, which specifies
that all traffic from ANY to DMZ_NET must be allowed, my DMZ servers can't
be reach from the Internet. But from the LAN everything is ok.

Is it any specific configuration to do on the FW module (installed on
SPLAT)?

Thanks a lot

Raz

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Problems with DMZ network with NG AI R54!, Raz BIRAMAH Re: [FW-1] Problems with DMZ network with NG AI R54!, Lars Higham <= Re: [FW-1] Problems with DMZ network with NG AI R54!, Robert Plaenk [FW-1] RE : [FW-1] Problems with DMZ network with NG AI R54!, Raz BIRAMAH

Previous by Date:	Re: [FW-1] R55 HFA02, Israel Novelo Zel
Next by Date:	[FW-1] Problem with https from and external defined network to an internal host, Michael Guyear
Previous by Thread:	[FW-1] Problems with DMZ network with NG AI R54!, Raz BIRAMAH
Next by Thread:	Re: [FW-1] Problems with DMZ network with NG AI R54!, Robert Plaenk
Indexes:	[Date] [Thread] [Top] [All Lists]