Re: [FW-1] Basic Rule Question

Subject:	Re: [FW-1] Basic Rule Question
From:	Braintek <braintek AT VIDEOTRON DOT CA>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Thu, 22 Dec 2005 13:41:30 -0500

I would do the following...

Source: Internal-netDestination: Negate DMZService: Any

Action: Accept

Negate DMZ means all except DMZ

----- Original Message -----From: "Ramakrishnan Pillai" <rpillai AT CHARLESTONCOUNTY DOT ORG>

To: <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
Sent: Thursday, December 22, 2005 1:35 PM
Subject: Re: [FW-1] Basic Rule Question


You are right on that....RK

jlindblom AT MICO DOT COM 12/22/2005 11:17 AM >>>

Just need some clarification on this, I'm by no means an expert with
Firewall-1.

If I have a rule like this "Internal-net"  "ANY"  "ANY"  "ACCEPT", I'm
assuming this would mean internal users have access to the internet and the
DMZ because of the destination "ANY" is this correct?  If this is correct,
I would need a rule before this one "Internal-net"  "DMZ"  "ANY"  "DROP" to
block access to the DMZ net right .

John

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================



=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Basic Rule Question, John Lindblom Re: [FW-1] Basic Rule Question, Ramakrishnan Pillai Re: [FW-1] Basic Rule Question, Braintek <= Re: [FW-1] Basic Rule Question, Ramakrishnan Pillai

Previous by Date:	[FW-1] Masami Nagata is out of office, Masami Nagata
Next by Date:	Re: [FW-1] Reseting SIC Manager (console), Luiz H. Guimarães Filho
Previous by Thread:	Re: [FW-1] Basic Rule Question, Ramakrishnan Pillai
Next by Thread:	Re: [FW-1] Basic Rule Question, Ramakrishnan Pillai
Indexes:	[Date] [Thread] [Top] [All Lists]