Re: [FW-1] DHCP Service

Subject:	Re: [FW-1] DHCP Service
From:	"Stachowicz,Mark" <Mark.Stachowicz AT GARTNER DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Thu, 23 Dec 2004 14:57:51 -0500

I tried creating a rule allowing udp/67 traffic to 255.255.255.255 and
it still is dropped on that rule.  Strange.

Should I just create a new DHCP server on another box other than my
gateway?

-ms

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Crist
Clark
Sent: Thursday, December 23, 2004 12:21 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] DHCP Service

Stachowicz,Mark wrote:
> I am running Checkpoint management and gateway software on my Windows
> 2003 server which also acts as the DHCP server for my network.
>
> Unless I open up the policy totally,  DHCP requests do not work.  I
> get an error in the log when a DHCP request comes through which simply

> drops the request with no reason.  Even if there is a rule implicity
> specifying to allow tcp 67 to the DHCP server,  it still drops the
> packets on that rule.
>
> Any ideas?

The initial DHCP discovery from the clients will be broadcast; they will
not be sent to the DHCP server's address. Do you allow 67/udp sent to
255.255.255.255? Do you have a capture of packets that are dropped?
--
Crist J. Clark                               crist.clark AT globalstar DOT com
Globalstar Communications                                (408) 933-4387

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] DHCP Service, Stachowicz,Mark Re: [FW-1] DHCP Service, Crist Clark Re: [FW-1] DHCP Service, Stachowicz,Mark <= Re: [FW-1] DHCP Service, Crist Clark Re: [FW-1] DHCP Service, David Gillett Re: [FW-1] DHCP Service, Tarmo Mamers

Previous by Date:	Re: [FW-1] Cold stand-by managment server, Patrick Marquetecken
Next by Date:	[FW-1] General Setup Question, <David James>
Previous by Thread:	Re: [FW-1] DHCP Service, Crist Clark
Next by Thread:	Re: [FW-1] DHCP Service, Crist Clark
Indexes:	[Date] [Thread] [Top] [All Lists]