Hi,
this week-end, I would like migrate my Nokia Cluster in R55, but I have had a
problem with the anti-spoofing.
In R54, anti-spoofing is working well. We have defined group for network behind
the interface.
But when we have migrate to NG AI R55, some of network were blocked by the
antispoofing.
We don't have change the rules.
Particularity : This blocked network are in Private IP, but the router(s) for
reach them are in public IP.
Like this :
WAN
|
LAN ---- CheckPoint----DMZ_1-----Router_IN_Public_IP--------
RangeA:10.X.X.X=>blocked
RangeB:10.Y.X.X=>blocked
RangeC:10 Y.Y.Y=>not blocked
I have force the Anti-spoofing configuration on DMZ_1 interface for allow the
Blocked Network, but since results.
I have had to downgrade to R54.
Somebody has an idea ?
Thanks
Gildas COUTANSAIS
NETsite S.A.
Rue de Waremme,31
4257 - Berloz
Gén: +32 19/33.97.00
Fax: +32 19/33.97.01
GSM: +32 478/78.93.61
http://www.netsite.be
mailto:gildas.coutansais AT netsite DOT be
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
