Hi Yardyy,
The problem you are facing is a routing problem.
As in the CP guide:
"Enabling Accept ICMP does not enable ICMP Redirect. If you wish to enable ICMP Redirect, you must explicitly do so."
But there's a predefined ICMP service in FW-1 which
can be used to accept those...
Hi Jacob,
As you have said ACL are limited, I advise you to check on the Internet about:
Stateful inspection, Anti spoofing wich does not exist on routers.
http://www.enteract.com/~lspitz/fwtable.html
Hicham Tfaily
Hi Brian,
You didn't specify if these double acks are comiing for all types of connections.
Some software use multiple TCP connections to establish one application connection. Is it the case?
Hicham Tfaily
Hi,
Just a clarification:
1- You have to do your scan from server 2 (the DMZ)
2- If the port 1433 is a TCP port superscan can do the job, but if it is a UDP port you can't do this with superscan...
If it's a UDP port let me know!
Hi joel,
from what you've cited, I can understand that you have an ordinary DMZ which means that your DMZ lies on an interface of your firewall, so when you apply the checkpoint policy it will be applied on all interfaces.
All the rules that are in the policy will apply to the machine in the...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.