Re: [FW-1] FW-1: too many internal hosts (655) detected

Subject:	Re: [FW-1] FW-1: too many internal hosts (655) detected
From:	"Diego F. Lastra S." <dlastra AT XERTIX DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Sat, 20 Aug 2005 09:14:15 -0500

Thanks David (I'll call you next week) and Reinhard,
What are the consequences of leaving this firewall as is at this moment?
Am I going to have problems with the traffic passing trough the firewall?

-----Mensaje original-----
De: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] En nombre de cisco4ng
Enviado el: Saturday, August 20, 2005 8:43 AM
Para: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Asunto: Re: [FW-1] FW-1: too many internal hosts (655) detected

Diego et al,
 
You can get a work around by putting host that use "hide" NAT behind a cisco
router and
"hide" NAT from the cisco devices.  Place all the STATIC device in front of
the the cisco router
and behind the checkpoint device.  That will solve your too many hosts
problem because
the checkpoint will also see the cisco router's IP and the STATIC NAT IPs.  
 
This may violate checkpoint licensing agreement but what the hell.
Checkpoint software is
overprice anyway so this makes sense.
 
David

Reinhard Stich <r.stich AT INTERNET-SECURITY DOT AT> wrote:
At 00:50 20.08.2005, you wrote:
>I talked with someone at checkpoint and told me that only hosts with a
>NAT(either Hide or Static) are taken into account when licensing.

that's wrong.

>My firewall has a 25 Hosts license but obviously has more hosts inside,
>(without NAT), and only 5 hosts have Static NAT.
>
>Does anyone have a clue?

all internal hosts that have the fw as default gw and route traffic 
there are counted.

cheers
reinhard

>=================================================
>To set vacation, Out-Of-Office, or away messages,
>send an email to LISTSERV AT amadeus.us.checkpoint DOT com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>fw-1-owner AT ts.checkpoint DOT com
>=================================================

-- 
Reinhard Stich ASSIST R.Stich AT internet-security DOT at
Internet Security AG, 1150 Wien, Johnstrasse 29
Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333 

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

                
---------------------------------
Yahoo! Mail for Mobile
 Take Yahoo! Mail with you! Check email on your mobile phone.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] FW-1: too many internal hosts (655) detected, Diego F. Lastra S. Re: [FW-1] FW-1: too many internal hosts (655) detected, Reinhard Stich Re: [FW-1] FW-1: too many internal hosts (655) detected, cisco4ng Re: [FW-1] FW-1: too many internal hosts (655) detected, Diego F. Lastra S. <= Re: [FW-1] FW-1: too many internal hosts (655) detected, Jørn Dahl-Stamnes Re: [FW-1] FW-1: too many internal hosts (655) detected, Reinhard Stich Re: [FW-1] FW-1: too many internal hosts (655) detected, Reinhard Stich Re: [FW-1] FW-1: too many internal hosts (655) detected, Alan Choyna Re: [FW-1] FW-1: too many internal hosts (655) detected, Chris Lyon Re: [FW-1] FW-1: too many internal hosts (655) detected, Ray Re: [FW-1] FW-1: too many internal hosts (655) detected, David DeSimone Re: [FW-1] FW-1: too many internal hosts (655) detected, cisco4ng Re: [FW-1] FW-1: too many internal hosts (655) detected, Nguyen, PB

Previous by Date:	[FW-1] NGX and hyperthreading (single CPU), Bill Mathews
Next by Date:	Re: [FW-1] FW-1: too many internal hosts (655) detected, Jørn Dahl-Stamnes
Previous by Thread:	Re: [FW-1] FW-1: too many internal hosts (655) detected, cisco4ng
Next by Thread:	Re: [FW-1] FW-1: too many internal hosts (655) detected, Jørn Dahl-Stamnes
Indexes:	[Date] [Thread] [Top] [All Lists]