You can forget those question... I finally get it to work.
Thank for your help/advice :)
ML
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT
AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Michel Lapointe
Sent: March 23, 2005 10:24 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] PPTP with Hide NAT on NG55 HFA13
Thank for your help,
I've change 2) on the module, and disabled securedXL.
Does the file rename step need to be done also on the module or only on
the management?
Finally, after doing the file rename, adding the pptp protocol under
object_5_0.C is it normal that PPTP still doesn't appear as a protocol under
TCP/Advanced?
ML
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT
AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Bertrand KLOTZ
Sent: March 23, 2005 5:51 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Réf. : [FW-1] PPTP with Hide NAT on NG55 HFA13
Hello
1) You can edit $FWDIR/conf/object_5_0.C or use GUIDbEdit In R/O configuration,
protocols, select a protocol, and objects/new
2) it depends of you platform, see SK25826 For SecurePlatform, you must create
a file $FWDIR/boot/modules/fwkern.conf and add a line:
fw_pptp_enforce_protocol=1
Bertrand
Michel Lapointe <Michel.Lapointe AT LUNINFO DOT COM>@AMADEUS.US.CHECKPOINT.COM>
le
22-03-2005 20:42:55
Veuillez répondre à Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
Envoyé par : Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
Pour : FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
cc :
Objet : [FW-1] PPTP with Hide NAT on NG55 HFA13
Hello,
According to Release notes of HFA 13, PPTP behind Hide NAT is supported
since HFA10.
However the "activation" instruction is as usual cryptic at best
:)
According to the instruction you need to:
--------------------------------------------------
Quote
--------------------------------------------------
Add the following object to the database, (you can use the dbedit tool):
: (PPTP_TCP
:AdminInfo (
:LastModified (
:Time ("Mon Aug 27 14:54:08 2003")
:By (CheckPoint)
:From (CheckPoint)
)
:chkpf_uid
("{3D0471FF-9ED1-4762-B7EC-2F73E2E75D4F}")
:ClassName (tcp_protocol)
:table (protocols)
)
:res_type (none)
:handler (pptp_code)
:match_by_seqack (true)
:type (tcp_protocol)
)
This object should be inserted in the 'protocols' set. For example,
below the existing object ENC-HTTP.
--------------------------------------------------
End Quote
--------------------------------------------------
Which file need to be modified? Is it $FWDIR/conf/object_5_0.C or how
do you use the dbedit to create this protocols?
Also, later they say
--------------------------------------------------
Quote
--------------------------------------------------
The global parameter fw_pptp_enforce_protocol has to be set to 1 on the
module. --------------------------------------------------
End Quote
--------------------------------------------------
How do you set this parameter and where? On the management or the
gateways?
Using DBEdit or modifiying a files?
If anybody know what to do for those 2 step, please let me know
Thank
ML
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to LISTSERV AT
amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to LISTSERV AT
amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to LISTSERV AT
amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
