Firewall Wizards mailing list archives
Re: Help!
From: "Ryan Russell" <Ryan.Russell () sybase com>
Date: Mon, 19 Jul 1999 11:24:17 -0700
I am a CheckPoint firewall-1 user, the software version is 3.0b, and Operation System is Solaris 2.5.1,on which I have a 250 user license. Behind the firewall, I have several C class networks connected with cisco routers,but total nodes behind the firewall are less than 250. I have got this kind of messages many times,can anybody tell me why? and how can I solve this problem? Jul 2 09:57:22 firewall unix:,202.96.182.34 Jul 2 09:57:22 firewall unix:,128.63.2.53 ...... ...... Jul 2 09:57:24 firewall unix:).Contact your Firewall-1 reseller. The messages which surprise me most is that most of the IP address in the messages are not in the intranet but a valid address of the Internet.
Several questions for you: -Do you have the anti-spoofing turned on? -Are your users prone to bringing up weird addresses on your net? -Do you have the external interface (the one that doesn't count addresses) set correctly? The version I use doesn't have it, but... I think it's set in (default directory) /etc/fw/conf/external.if. Can be set via fwconfig. -Have you checked the FAQs: http://www.phoneboy.com/fw1/ http://www.dreamwvr.com/bastions/FW1_faq.html http://www.us.checkpoint.com/~joe/ -Have you tried the FW-1 mailing list? http://www.checkpoint.com/services/mailing.html Not trying to be insulting with the last couple, just trying to provide resources you might not be familiar with. Ryan