-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It's impossible to disable the default security policy however you
may always create a last rule for the outbound rule as alluser@any -
any - any - accept. This will permit all traffic when not connected
to the policy server.
HTH
- - - - - -
Contact us for your Security Training!
http://www.avance.info/ATC
- - - - - -
Simon Desmeules
AVANCE Services Réseaux
440 Boul. René Lévesque ouest,
15 ème étage
Montréal, (Qué)
H2Z 1V7
sdesmeules AT avance DOT info
T:514 866-0271 #140 | F:514 866-7631 | C: 514 712-3309
- -----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Ray
Sent: Sunday, January 30, 2005 4:24 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Default policy in secure client
There's no way to make it go away, however the default policy is the
set of
rules that apply to the "allusers@any" group. If you set those
inbound and
outbound rules to "any service-accept", you'll have the same effect.
Unless you have a separate firewall protecting the computers, it's a
really
bad idea though.
Ray
>From: Tinu Koshy <tinu.koshy AT CWGOINDIA DOT COM>
>Reply-To: Mailing list for discussion of Firewall-1
><FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
>To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
>Subject: [FW-1] Default policy in secure client
>Date: Sun, 30 Jan 2005 11:48:02 +0530
>
>Hi All,
>
>Would any one know how to disable the Default Policy on a secure
>client. I am looking for an option wherein the default policy will
>not be enabled once you are disconnected from the Policy Server. I
>am aware of options wherein you can manually disable the default
>policy but that does not help my requirements.
>
>I was wondering whether there are any parameters we can tweak to
>disable the default policy or modify the default policy for secure
>client.
>
>Regards,
>Tinu Koshy
>
>This email and any files transmitted with it are confidential and
>intended solely for the use of the individual addressee(s) or
>entity to whom they are addressed and may contain confidential or
>privileged information. If you are not the intended recipient,
>please notify the sender at Cable & Wireless or
>it.helpdesk AT cwgoindia DOT com immediately and destroy all copies of
>this message and any attachments.
>This footnote also confirms that this email message has been swept
>for the presence of computer viruses. While Cable & Wireless has
>taken reasonable precautions to minimise the risk of any attachment
>to this email containing viruses, we cannot accept liability for
>any damage which you sustain as a result of any such viruses. You
>should carry out your own virus checks before opening this
>document.
>
>
>
>This e-mail has been scanned for viruses by the Cable & Wireless
>e-mail security system - powered by MessageLabs. For more
>information on a proactive managed e-mail security service, visit
>http://www.cw.com/uk/emailprotection/
>
>The information contained in this e-mail is confidential and may
>also be subject to legal privilege. It is intended only for the
>recipient(s) named above. If you are not named above as a
>recipient, you must not read, copy, disclose, forward or otherwise
>use the information contained in this email. If you have received
>this e-mail in error, please notify the sender (whose contact
>details are above) immediately by reply e-mail and delete the
>message and any attachments without retaining any copies.
>
>=================================================
>To set vacation, Out-Of-Office, or away messages,
>send an email to LISTSERV AT amadeus.us.checkpoint DOT com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>fw-1-owner AT ts.checkpoint DOT com
>=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBQf470vCtLfe/COm3EQITegCfYrGQ5tXL3EFQClDCfSfj4Pxd+DIAoKyF
YU+78m4xIYsYmiLouS9W2y6r
=SsFO
-----END PGP SIGNATURE-----
Consulter notre page web pour votre formation en Sécurité informatique!
Consult our website for your Security training needs!
http://www.avance.info/ATC
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
