[FW-1] Réf. : Re: [FW-1] PPTP/HIDE NAT

Subject:	[FW-1] Réf. : Re: [FW-1] PPTP/HIDE NAT
From:	Bertrand KLOTZ <bklotz AT GFI DOT FR>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Mon, 24 Jul 2006 17:17:07 +0200

Hi Sasha

You must declare the PPTP_TCP protocol
use the guidbedit, and in the protocol table, add the PPTP_TCP protocol
with class tcp_protocol.
After saving,  open the $FWDIR/conf/objects_5_0.C locate the PPTP_TCP
definition and if necessary,  add lines

:res_type (none)
:handler (pptp_code)
:match_by_seqack (true)
:type (tcp_protocol)

Bertrand



|---------+-------------------------------------------->
|         |           Sascha Picchiantano              |
|         |           <sascha AT PICCHIANTANO DOT DE>         |
|         |           Envoyé par : Mailing list for    |
|         |           discussion of Firewall-1         |
|         |           <FW-1-MAILINGLIST AT AMADEUS.US DOT CHEC|
|         |           KPOINT.COM>                      |
|         |                                            |
|         |                                            |
|         |           06/07/2006 17:06                 |
|         |           Veuillez répondre à Mailing list |
|         |           for discussion of Firewall-1     |
|---------+-------------------------------------------->
  
>----------------------------------------------------------------------------------------------------------|
  |                                                                             
                             |
  |       Pour :    FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM           
                                    |
  |       cc :      (ccc : Bertrand KLOTZ/DE3I/GFI/fr)                          
                             |
  |       Objet :   Re: [FW-1] PPTP/HIDE NAT                                    
                             |
  
>----------------------------------------------------------------------------------------------------------|




Hi there again Betrand,


>> - add the line fw_pptp_enforce_protocol=1  in the
>> $FWDIR/modules/fwkern.conf file
>> - declare the pptp_tcp service with type PPTP_TCP

are you sure about the last step? My Checkpoint here does not have a
protocol type of PPTP_TCP in the service parameters.

Thanks
Sascha

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [FW-1] PPTP/HIDE NAT, Sascha Picchiantano Re: [FW-1] PPTP/HIDE NAT, chkp tech [FW-1] Réf. : Re: [FW-1] PPTP/HIDE NAT, Bertrand KLOTZ <=

Previous by Date:	[FW-1] Error at policy install, Fernando Hagelsieb
Next by Date:	Re: [FW-1] Error at policy install, Mark Elsen
Previous by Thread:	Re: [FW-1] PPTP/HIDE NAT, chkp tech
Next by Thread:	[FW-1] IPSO cluster member down after upgrade to NGX R61, Mark Elsen
Indexes:	[Date] [Thread] [Top] [All Lists]