Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Search results for query: *

  1. watchguardmonkey

    checkpoint r70 practise test 156- 215.70

    Hi Boson are pretty good, I use test king myself and found them to be always spot on.
  2. watchguardmonkey

    135 Dropped by Rule 996

    The RPC will be denied by smart defense as it will think this is an attack, the rpc can be switched off or re-configured to a higher threshold in the smart defense dashboard, or simply a add a rule to he FW allowing 135 DCE RPC to and from the required IP's, don't forget to amend, remove any...
  3. watchguardmonkey

    Cluster Nokia IP330

    Hi, Yes what you wish to do is possible, but the easiest way would to be just use VRRP and set up a pc as your management station, NOKIA clustering can cause a few issues. WGM
  4. watchguardmonkey

    cant pass traffic on the asa between the trusted LANs

    ok just for info incase anyone else has the same issue, it was solved by putting a no-nat rule for the 10's networks. cheers, WGM
  5. watchguardmonkey

    cant pass traffic on the asa between the trusted LANs

    why?
  6. watchguardmonkey

    PIX VPN access to DMZ

    Hi, Think you need a acl something like this, only with your required ip's and ports; access-list outside_1_cryptomap extended permit ip 192.168.27.48 255.255.255.240 10.0.1.0 255.255.255.0 cheers, WGM
  7. watchguardmonkey

    Blocking HTTP Download

    Hi, When I went to school http was a tcp connection and hence if established from the trusted LAN and http was allowed from said trusted LAN, a dowload as you say, cannot be blocked, if you are allowing raw http from the trusted LAN, can you please be more specific in your question, is it...
  8. watchguardmonkey

    cant pass traffic on the asa between the trusted LANs

    OK here is the error message, but the cisco error decoder dosn't like it, Config nat (inside) 1 10.0.0.0 255.0.0.0 match ip inside 10.0.0.0 255.0.0.0 inside any dynamic translation to pool 1 (No matching global) translate_hits = 2, untranslate_hits = 0 so what is he global statement that...
  9. watchguardmonkey

    cant pass traffic on the asa between the trusted LANs

    brianinms first thing I checked they all point back to the 3600 interface that's on the LAN, it's to do with the ACL's and he NAT statements, will put the errors into the cisco tool and get it from that, just thought someone on here might have spotted the error in the config. thanks for you...
  10. watchguardmonkey

    cant pass traffic on the asa between the trusted LANs

    they all connect into a cisco 3600 which then points them to the asa, I'm looking at changing this at the minute which would no doubt solve the problem, but was just wondering what experinced cisco users made of the config and why it is not pasing the traffic, as when I replace the asa with the...
  11. watchguardmonkey

    cant pass traffic on the asa between the trusted LANs

    Hi Thanks for teh reply, but could you expand a bit on it, the 192 address is the management ip and I can get to it no problem, the problem lies with the remote sites that are connected via a cisco router getting to the corporate 10.0.1.0 /24 network, the remote sites are all 10.0.2, 10.0.3...
  12. watchguardmonkey

    cant pass traffic on the asa between the trusted LANs

    Hi, Just been given this network to look after and it has an ASA 5500, which I'm brand new to and the problem is that traffic can't seem to get pass the device when it is all on the trusted side. We have 12 networks connected via a cisco router, and the asa on the corporate LAN which all the...
  13. watchguardmonkey

    Checkpoint Firewall-1/VPN-Pro

    do you see any dropped packets on tracker? do you have anti spoofing defined on he interfaces, if so have you included all the relevant networks? do you have route statements for the DMZ subnet with the gateway as the DMZ interface?
  14. watchguardmonkey

    Nokia IP530 cannot connect with Checkpoint GUI policy editor client

    from CLI run cpconfig and then add yourself as an administrator and you can add tour pc as a GUI client, this should give you access to the FW.
  15. watchguardmonkey

    Nokia IP530 cannot connect with Checkpoint GUI policy editor client

    do you hav oob access to the FW or is the access inband, if you have oob acces then you will be able to acces the FW fine by either the voyager or CLI.
  16. watchguardmonkey

    help on broadcast

    think you need to review basic networks and TCP/IP, your ISP has given you a /30 subnet this has 2 usable hosts with a network and broadcast address, a broadcast address is integral to a network, no matter what size, working correctly. there is a way of using the broadcast address but it is not...
  17. watchguardmonkey

    Nokia IP530 cannot connect with Checkpoint GUI policy editor client

    what was the last change you made to the FW, are you the only person with acces to the FW? try a fw unloadlocal, then you should be able to access the FW via the GUI check the rules make sure the stealth rule is not above any management access rule then push the policy and see what happens.
  18. watchguardmonkey

    Key Install

    have you got a VPN setup on the external IP?
  19. watchguardmonkey

    Replacing a Failed HA Nokia / Checkpoint Firewall.

    Take it you have a management server with central licensing? if so you just build the box as normal chose distributed on the type of deployment, do the SIC seed. then from the management server re-establish SIC then push the policy. hth WGM
  20. watchguardmonkey

    Voyager access issue

    can you access the box via the CLI? if not it sounds like your access has been removed/lost in a policy update.

Part and Inventory Search

Back
Top