Recent content by Pixxer26

Hi, I am wondering with the ASDM 5.0 with pix 7.0 when a guy makes a change and clicks apply. Does it start enforcing the rule once apply is hit? OR does it start enforcing the rule once you save it to running configuration? Thanks in advanced.

I assume you have logging turned on for the rule that would match inbound Ftp access to that server. If your not seeing the traffic in the firewall logs then other testing is required. If you add a rule to allow icmp from a outside address to the ftp server. Can you ping the public address to...

What version of Checkpoint are you running? From the log viewer do you see a ftp request hitting the firewall? Running a tcpdump on the ftp server, do see the traffic hit that box? Are you using the windows ftp client or a 3rd party one?

No Problem. Pixxer26

Hi Guys, I found something at Checkpoint. I have not attempted this yet, but in my experience with a guide for solaris from checkpoint didn't help very much. I would only try these on a test machine... You will need Secureknowledge advanced access. Hope this helps someone. enjoy!!! Solution...

Yes it is correct that the servers have the checkpoint firewall as the default gateway of what ever interface it is sitting behind. Cause I assume that the firewall is doing static translation and are protected by the checkpoint firewall. Check the firewall policy to see if you allow your...

Anyone know where I can find information on hardening the windows 2003 operating system for Checkpoint? Thanks.

Thanks for the response. I have followed your steps that you have suggested. I am still getting the same errors. I will try the Windows tftp server on Monday and post my results. What does this part of the error really mean? "[ERR]copy /noconfirm running-config

Hi, I am attempting to Save my running configuration to a tftp server located on a linux machine. I am using the ASDM 5.0 with a pix 7.0 515E. Here is the error that I am getting. Any ideas how to fix this? I was able to get the configuration off at one time, since then I haven't been able to...

Thats right they are.. Man. Something I guess had changed as well. The device was doing domain udp lookups to a dns server that was also in the DMZ got removed. So the lookups we going out the external interface and as you have said udp and icmp are not stateful protocols The look up's were...

Hi Everyone, I have have a problem with traffic that is allowed out but, gets denied by the firewall on the reply. -For Example- I have a rule that allows icmp out from a device in the DMZ. I see in the log the request go out and a tcpdump on the device that I am pinging shows it come in and...