Re: [fw-wiz] CP FW1 802.1q

From: Scott Walker Register (scott.register@us.checkpoint.com)
Date: 07/17/02


From: Scott Walker Register <scott.register@us.checkpoint.com>
To: "'firewall-wizards@honor.icsalabs.com'" <firewall-wizards@honor.icsalabs.com>, Siebenkaes Stefan <Stefan.Siebenkaes@itellium.com>
Date: Wed Jul 17 17:02:01 2002

FYI...

Nokia:
VLANs are supported on FW-1/Nokia on IPSO 3.5 or later and FW-1 NG FP2 or later.
This combination supports up to 64 VLAN interfaces. There is a hotfix available
from Nokia or Check Point support which will raise this limit to 256 interfaces,
and this limit will be further raised in future releases.

Solaris:
We support VLANs on Solaris 8 (64-bit) with NG FP1 or later. We've tested the
Sun Gigaswift and SySKonnect SK-98xx interfaces.

Windows:
Intel VLANs are supported on NT 4.0 SP6a (not Win2k) under NG FP1.

Linux:
Check Point's SecurePlatform and specific Linux-based appliances support VLANs, but
prior to Red Hat 7.3 the only way to get VLAN support was to get the Ben Greear drivers
and compile the kernel yourself, and CP doesn't support end-user-compiled kernels. RH7.3
has VLAN support and NG FP3 will support RH7.3 and Linux VLANs.

-SwR

------------------------
  From: =?iso-8859-1?q?m=20p?= <sumirati@yahoo.de>
  Subject: Re: [fw-wiz] CP FW1 802.1q
  Date: Tue, 16 Jul 2002 14:58:28 +0200 (CEST)
  To: Siebenkaes Stefan <Stefan.Siebenkaes@itellium.com>, "'firewall-wizards@honor.icsalabs.com'" <firewall-wizards@honor.icsalabs.com>

> --- Siebenkaes Stefan <Stefan.Siebenkaes@itellium.com> schrieb: > Hello,
> >
> > can I run 802.1q natively on a Checkpoint/Nokia? Can
> > this combination tag vlans?
> > Nobody was really sure...
> >
> > Any hints appreciated!
> >
> > Stefan
> >
> >
>
> Please take a look at:
>
> http://www.phoneboy.com/wizards/200009/msg00179.html
>
> As for Solaris: It seems that since Solaris 6 7/01 VLANs are supported.
>
> But (as mentioned often at the firewall-1 wizards mailinglist):
> VLANs are NOT good from a security point of view.
> Please see:
> http://www.sans.org/newlook/resources/IDFAQ/vlan.htm
>
> Hope that helps
>
> Marc
>
>
>
>
> __________________________________________________________________
>
> Gesendet von Yahoo! Mail - http://mail.yahoo.de
> Möchten Sie mit einem Gruß antworten? http://grusskarten.yahoo.de
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

---------------End of Original Message-----------------

----------------------------------------------------------------
Scott.Register@us.CheckPoint.com || FireWall-1 Product Manager
               Check Point Software Technologies, Inc.
2255 Glades Road / Suite 324A \ Boca Raton, FL 33431
Voice: 561.989.5418 | Fax: 561.997.5421 | 07/17/02 16:42:48
----------------------------------------------------------------