Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [FW-1] Automatic Creation of Network objects

from Robert Plaenk [Permanent Link]
Subject: Re: [FW-1] Automatic Creation of Network objects
From: Robert Plaenk <rplaenk AT NETCYCLOPS DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Tue, 27 Apr 2004 13:46:48 -0400 
The firewall will get the topology based on the interfaces that have
been defined with their netmasks. You can add other networks without any
issues, however if you change the IP address on an interface, then you
need to redefine the topology. By editing the firewall object and
clicking on 'get', it's just that easy. You can do it manually, by
creating the network object that would be connected to that interface,
but personally, in my opinion, if we pay that much money for a Check
Point product, let IT do the work for us ;)

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Carlos
Infante
Sent: Tuesday, April 27, 2004 4:26 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Automatic Creation of Network objects

Hi Robert,,
You're right. When you fetch the topology the firewall obtains the
topology, adding new networks, but how the firewall does know the new
networks. According connections table or something like that? Is the
only work-round configuring the topology manually?

Best regards,






Robert Plaenk <rplaenk AT NETCYCLOPS DOT COM>
Sent by: Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
26/04/2004 15:22
Please respond to Mailing list for discussion of Firewall-1


        To:     FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
        cc:
        Subject:        Re: [FW-1] Automatic Creation of Network objects


Sounds like the objects were created based on topology. What I mean is,
when you build your box, and you define your firewall object, you need
to define the interfaces. When you click on "get" in the interfaces tab,
you will get a prompt to get only the interfaces or get the interfaces
with topology. If you click on that last option, you will get networks
defined like that.

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Carlos
Infante
Sent: Monday, April 26, 2004 4:12 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Automatic Creation of Network objects

Dear All,

I'm managing a production Checkpoint Firewall NG FP3. There're two nokia
boxes running IPSO 3.6 and a Management Station with the Check Point
Software and running Windows 2000.

In the network object list appears non-user defined network objects.
Objects are created in the format Net_x.x.x.x, Net_x.x.x.x-0,
Net_x.x.x.x-1and so on. I think these objects are created regarding the
traffic that cross the firewall. If this is true, how I can disalow this
feature? This automatic object creation, is for spoofing purpouses or
for topology ones?

Thanks In Advance

Carlos

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================



=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [FW-1] GUI connection errors, Peter Gavagan, Jr.
Next by Date:  Re: [FW-1] VPN Client and Win2k, Robert Plaenk
Previous by Thread:  Re: [FW-1] Automatic Creation of Network objects, Hiroshi Kubo
Next by Thread:  [FW-1] SPLAT upgrade, Michael Polevoy
Indexes:  [Date] [Thread] [Top] [All Lists]