Re: [FW1] Expected Rule 0 Error

[Matthias Leu <mleu@leu.de>]

Hi,
in most cases a drop by Rule 0 is a result of Anti-Spoofing.
The first thing I would do is to verify the interfaces of the Firewall Object (Network Object Manager, edit your Firewall and select the tab Interfaces). Highlight each interface and control the allowed IP Addresses for each interface, e.g.
internal interface: this net or specific (all your internal IP's)
external interface: others (means the rest, but not the IP's accepted at the internal interface)
Hope this helps
Best regards
Matthias

David Brinkman wrote:

> Everyone,
>
> I have had Firewall-1 version 3.0b installed for about the last year and a half.  During a previous upgrade attempt, I received a entry in my log that would not allow any STMP/HTTP, etc. traffic because of Rule 0.  Not having the knowledge to resolve this error, I figured I'd backout the upgrade and address it later.  Well, it's later and I am going to try this again.
>
> What is Rule 0 and where can I modify it?
>
> Thanks,
>
> -Dave
> -------------------------------------------------------------------
> David Brinkman
> Marketing Systems Group, Inc.
> 225 S. Westmonte Drive; Suite 2040
> Altamonte Springs., FL  32714
>
> Email:  dave@MSGCorp.com <mailto:dave@MSGCorp.com>
> Phone:  (407)774-4500
> Fax:    (407)774-3388
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================

    [ Part 2, "Card for Matthias Leu"  Text/X-VCARD (Name: "mleu.vcf")  ]
    [ 13 lines. ]
    [ Unable to print this part. ]