[FW-1] Antw: Re: [FW-1] sicRenew and sic

Subject:	[FW-1] Antw: Re: [FW-1] sicRenew and sic_util
From:	fwadmin fwadmin <fwadmin AT WDR DOT DE>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Wed, 23 Nov 2005 15:57:08 +0100

One SIC problem i had was with a multi-tier firewall topology
the managment module was behind both firewalls
MGMT-->FW-1 --> FW-2

the implied rules allow SIC from the MGMT-->FW-1  but i could not get SIC to 
work between MGMT and FW-2 until i figured out you had to explicitly allow the 
SIC traffic from MGMT-->FW-2  in the rulebase of FW-1



>>> r.stich AT INTERNET-SECURITY DOT AT 23.11.2005 15:34:57 >>>
hi,

the easiest way of setting up SIC is using the GUI and cpconfig. if 
this does not work check
- date/time
- ports
- routing

with some OPSEC-products you have to setup SIC manually and this is 
more challeging than I should :-)

cheers
reinhard

At 15:26 23.11.2005, you wrote:
>Hi,
>
>we had some trouble with sic at one of our firewalls and stumbeled
>over the two commands (sic<TAB><TAB> ;) during troubleshooting. I was
>just curious what they'll do.
>
>Jens
>
>at 23rd of november 2005 at 15:07 you wrote:
>
> > hi,
>
> > there is: sic_util - sk11365  @ checkpoint's knowledge base
>
> > but - why do you need that?
>
> > cheers
> > reinhard
>
>
>
> > At 14:35 23.11.2005, you wrote:
> >>Hi everyone,
> >>
> >>is there any documentation on sicRenew (comes with CPshrd package) or
> >>sic_util (comes with CPfw1 package) available? So far I had no 
> luck searching.
> >>
> >>Greetings
> >>
> >>Jens
>
>=================================================
>To set vacation, Out-Of-Office, or away messages,
>send an email to LISTSERV AT amadeus.us.checkpoint DOT com 
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html 
>=================================================
>If you have any questions on how to change your
>subscription options, email
>fw-1-owner AT ts.checkpoint DOT com 
>=================================================

-- 
Reinhard Stich  ASSIST  R.Stich AT internet-security DOT at 
Internet Security AG,      1150 Wien, Johnstrasse 29
Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333 

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com 
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html 
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com 
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Antw: Re: [FW-1] sicRenew and sic_util, fwadmin fwadmin <=

Previous by Date:	Re: [FW-1] sicRenew and sic_util, Jens Roesen
Next by Date:	Re: [FW-1] GUI connection problem, KEREM ERKAN
Previous by Thread:	[FW-1] sicRenew and sic_util, Jens Roesen
Next by Thread:	[FW-1] NGX HFA01 - tcp-high ports issue not passing over VPN, Rick Centner
Indexes:	[Date] [Thread] [Top] [All Lists]

[FW-1] Antw: Re: [FW-1] sicRenew and sic_util