Firewall-1

Re: [FW-1] stop SmartDefence on remotely managed Edge

Subject: Re: [FW-1] stop SmartDefence on remotely managed Edge
From: Ray <sixsigma44 AT HOTMAIL DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Thu, 20 Jul 2006 11:09:46 -0400
This question might be answered faster over on the Discussion Groups of http://www.sofaware.com (lower left part of the home page). Their tech support people monitor the forums and post replies, as well as it being used for user-to-user support.

Ray

From: Motta Corrado <Corrado.Motta AT RTSI DOT CH>
Reply-To: Mailing list for discussion of Firewall-1 <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] stop SmartDefence on remotely managed Edge
Date: Thu, 20 Jul 2006 14:48:10 +0200

Hi Gurus.

Situation:
----------
Central managed CP on Splat R61
Remote X-edge Embedded NGX-6.0.76x

SmartDefence on the R61 has this configuration in Application Intelligence:
FTP
  |--> FTP security server
                |--> Block Port Overflow turned off (not checked)
|--> Blocked FTP command with all commands inside the "allowed commands list"

SmartDefence on the NGX-6.0.76x has this configuration:
FTP
 |--> Block Port Overflow: Action None (via web interface)
 |--> Blocked FTP command: Action None (via web interface)
                                   no blocked commands

Problem:
--------
I install the policy on the xEdge via SmartConsole
and the settings change into:
FTP
 |--> Block Port Overflow: Action Block
 |--> Blocked FTP command: Action Block
                                   no blocked commands

Symptoms:
- Nobody is able to set up an FTP session through the xEdge.
- The logs are like this one:
        Product:                VPN-1 Edge
        Origin:                 xEdge
        Type:                   Log
        Action:                 Reject
        Protocol:               tcp
        Service:                ftp (21)
        Source:                 a.a.a.a
        Destination:            b.b.b.b
        Rule:                   -22
        Source Port:            3097
        Attack Name:            FTP Illegal command
        File Direction:         Outbound
        Information:                    msg: Packet logged

- If I try to change the setting on the xEdge: "Error: This configurable item is remotely managed."
- xEdge Restart ==>  no problem if I try to change the setting on the xEdge
                                and all the FTP sessions run correctly.

I think that's a bug.
While waiting for the bug resolution,
I would like to know if it is possible to disable the "Smartdefence agent" on the xEdge?

Regards

Corrado

******************************************************
Visit: http://www.rtsi.ch
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify postmaster AT rtsi DOT ch

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
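
Added example, not part of the original thread and not Check Point tooling: a small Python triage script for log records in the "Field: value" layout quoted in the post, counting rejects that carry an Attack Name so they can be told apart from ordinary rule-base rejects after a policy install. The sample records, the addresses, and the assumption that an Attack Name field marks an inspection reject are constructed for illustration.

```python
from collections import Counter

# Constructed sample in the "Field: value" layout of the log in the post;
# blank lines separate records, addresses are documentation placeholders.
SAMPLE_LOG = """\
Action:       Reject
Service:      ftp (21)
Source:       192.0.2.10
Rule:         -22
Attack Name:  FTP Illegal command
Information:  msg: Packet logged

Action:       Reject
Service:      ftp (21)
Source:       192.0.2.11
Rule:         -22
Attack Name:  FTP Illegal command

Action:       Reject
Service:      telnet (23)
Source:       192.0.2.12
Rule:         7
"""

def parse_records(text):
    """Split the text into records and each record into a field dict."""
    records = []
    for block in text.strip().split("\n\n"):
        rec = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")  # split at the first colon only
            if sep:
                rec[key.strip()] = value.strip()
        if rec:
            records.append(rec)
    return records

def inspection_rejects(records):
    """Count rejects that carry an Attack Name, keyed by (service, attack).
    Assumption: an Attack Name field marks an inspection (not rule-base) reject."""
    hits = Counter()
    for rec in records:
        if rec.get("Action") == "Reject" and "Attack Name" in rec:
            hits[(rec["Service"], rec["Attack Name"])] += 1
    return hits

if __name__ == "__main__":
    counts = inspection_rejects(parse_records(SAMPLE_LOG))
    for (service, attack), n in counts.items():
        print(f"{n:3d}  {service:12s}  {attack}")
```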
