I'm having some problems with a new IPSO cluster. We are segmenting
extranet, application, management and DB subnets with this VRRP cluster. We
are doing the same thing at another site running R54, and the rule base is
derived from the R54 cluster currently in production. I'm having basically
two issues:
1. On the management subnet I have some terminal servers for remote access.
These boxes are allowed to talk to all subnets on "any" traffic, but
Terminal Services Manager does not see any remote systems that are
manageable. I do not see any drops in the logs, I have disabled
SmartDefense, and I am logging implied rules.
2. Also from the terminal servers on the management subnet I cannot run the
Microsoft Cluster Administrator. Traffic to the MS SQL boxes is allowed, but the
corresponding return traffic is being dropped by the drop rule. The traffic
appears to be RPC traffic, as the source port from the terminal servers is
135. I have created a rule with the all_dce_rpc service, but it does not
appear to alleviate the situation. If I create a "DB network to TS network
on any service" rule, the MS Cluster Administrator opens without incident. Neither of
these changes affects the first issue.
Any input would be appreciated,
Tim