[FW-1] AW: [FW-1] Bad Anti-Spoof Recovery

Subject:	[FW-1] AW: [FW-1] Bad Anti-Spoof Recovery
From:	Herbert Volkmann <hv AT CORETEC DOT AT>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Tue, 25 Jul 2006 10:07:18 +0200

Have you tried fw unloadlocal ?

&/ hv

> -----Ursprüngliche Nachricht-----
> Von: Mailing list for discussion of Firewall-1 [mailto:FW-1-
> MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] Im Auftrag von Ramki Security
> Gesendet: Dienstag, 25. Juli 2006 00:13
> An: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> Betreff: Re: [FW-1] Bad Anti-Spoof Recovery
> 
> Try giving "fwm unloadlocal" on the module and then push policy from the
> smartdashboard after modifying the anti-spoofing parameters.
> 
> Ramki
> CCNA, CCSE-NGAI
> 
> Crist Clark wrote:
> > I have an enforcement module that appears to have a "bad"
> > policy installed. That is, it feels that traffic coming in
> > from the management server is spoofed. So how does one
> > install a corrected policy on this system? Obviously, you
> > cannot push a policy, but sometimes traffic originating from
> > the firewall itself gets through the anti-spoofing, so I
> > thought a,
> >
> >     # fw fetch <master>
> >
> > Might work, but I no. So then I tried,
> >
> >     # fw ctl uninstall
> >
> > To kill the anti-spoofing, but the fetches would still fail.
> >
> > What is a procedure to "reaquire" a module that has incorrectly
> > decided the management server is spoofing?
> 
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Bad Anti-Spoof Recovery, Crist Clark Re: [FW-1] Bad Anti-Spoof Recovery, Mark Elsen Re: [FW-1] Bad Anti-Spoof Recovery, Gary Scott Re: [FW-1] Bad Anti-Spoof Recovery, Crist Clark Re: [FW-1] Bad Anti-Spoof Recovery, Ramki Security [FW-1] AW: [FW-1] Bad Anti-Spoof Recovery, Herbert Volkmann <=

Previous by Date:	[FW-1] Work assigment static vs dynamic in IPSO cluster ; means what ?, Mark Elsen
Next by Date:	[FW-1] Check Point R55W Directory Traversal, Tauseef Khan
Previous by Thread:	Re: [FW-1] Bad Anti-Spoof Recovery, Ramki Security
Next by Thread:	Re: [FW-1] Error at policy install, Marius Banica
Indexes:	[Date] [Thread] [Top] [All Lists]