[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Anti-Spoofing Problem

To: "'fw-1-mailinglist@lists.us.checkpoint.com'" <fw-1-mailinglist@lists.us.checkpoint.com>
Subject: [FW1] Anti-Spoofing Problem
From: "Parker, Ian" <parker.ian@syncrude.com>
Date: Tue, 23 Nov 1999 11:40:03 -0700


Hello all,

I have a firewall with three interfaces (external, DMZ, internal). A DNS
server is on the DMZ. I have anti-spoofing for the external interface set to
"Others". Whenever the firewall host attempts to do a DNS lookup, I get an
anti-spoofing alert on the external interface i.e.

lan0 spoofalert proto udp src fw-host dst dns-server service domain-udp.

I have tried changing the anti-spoofing configuration to "Others+" and
adding the IP address of lan0 as an allowed source address, but I still get
the alert. How do I set up anti-spoofing such that the firewall can talk to
the DNS server?

Thanks in advance for any assistance you can offer.

Ian Parker, MCP

Senior Systems Analyst 
Syncrude Canada Ltd

(780)790-4631
parker.ian@syncrude.com



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Blocking Pointcast
Next by Date: [FW1] more details about core dumped..
Prev by thread: [FW1] core dumped..
Next by thread: Re: [FW1] Anti-Spoofing Problem
Index(es):
- Date
- Thread