Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Checkpoint Firewall 4.0

Options
  • 03-12-2002 3:36pm
    #1
    ToxicPaddy
    Moderators, Business & Finance Moderators, Society & Culture Moderators Posts: 9,763 Mod ✭✭✭✭


    Hey Guys.

    I have an old version of Checkpoint Firewall, ver 4.0 and at the moment after setting it up, its still not allowing connectivity through it.. the rules are in place, the systems on the network can all see each other so Im a bit stumped..

    Ive gone through the documentation and cant find anything..

    Just wondering if there was anyone here who knows checkpoint fairly well as I might be able to pick yer brains about it..

    Btw, its running on an NT Server 4.0 platform with SP6a installed and nothing else..

    Thanks :)

    Tox


Comments

  • Options
    #2
    Gaz
    Registered Users Posts: 1,586 ✭✭✭Gaz


    have you got the correct license ? The external ip address you want to use is bound to the license, if you have changed it you need to contact there customer support , cost about 800 to change it though ... rip off.


  • Options
    #3
    ToxicPaddy
    Moderators, Business & Finance Moderators, Society & Culture Moderators Posts: 9,763 Mod ✭✭✭✭ToxicPaddy


    Yup, licence is fine, its bound to the external IP address of the system alright and that hasnt changed.

    from what I can see all connections to all systems behind the firewall are blocked... when I stop the firewall service I can ping everything including the router so there isnt a hardware fault..


  • Options
    #4
    Gaz
    Registered Users Posts: 1,586 ✭✭✭Gaz


    Looks like you have a policy set up incorrectly ... i cant remember off hand but go through policy editor , and check your "allow" and "deny" policies. Maybe icmp is blocked and thats why you cant ping ?? Have you tried to check connectivity in other ways , ie: not ping or tracert

    Sorry im away from my checkpoint server all week so i cant check it.


  • Options
    #5
    ToxicPaddy
    Moderators, Business & Finance Moderators, Society & Culture Moderators Posts: 9,763 Mod ✭✭✭✭ToxicPaddy


    Ive set it up to not allow ping...
    no its not a policy as they were all working at one stage and for no reason at all apparetly there system has decided to stop working..

    Ive reapplied any patches i could find, also the service pack but to no avail.. :(


  • Options
    #6
    spongebob
    Closed Accounts Posts: 6,143 ✭✭✭spongebob


    the hide address is normally different to the address bound to the licence, both of which are external of course.

    the subnets are bound to the hide external and not the licenced external, typically they are at either end of your external range

    addresses in between are used for NAT


  • Advertisement
  • Options
    #7
    hmmm
    Registered Users Posts: 11,205 ✭✭✭✭hmmm


    Turn on logging on all of the rules and look for dropped packets.


Advertisement