On 11/22/06, cisco4ng <cisco4ng AT yahoo DOT com> wrote:
2) Pix/ASA is NOT a router so there are things that you can
do in Checkpoint that you can not do with Pix/ASA. For example,
if you have two networks 192.168.1.0/24 and 192.168.2.0/24
and they are both behind the pix firewall. The problem is that
hosts in network 192.168.1.0/24 can not communicate with hosts
in network 192.168.2.0/24 due to hairpinning. In other words,
traffics can not go in and out of the same interface due
to security level on the pix/ASA.
Do you mean "*same-security-traffic permit intra-interface" *?
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a0080734db7.shtml
*
*
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
| 