[fw-wiz] checkpoint authentication on external interface



I hope the list can help me out or point me in the correct direction.

In Checkpoint R65 splat when you turn ON Manual authentication, it
turns ON port 259 and 900 on both internal and external interfaces.
I was wondering if there's a way to turn it OFF on one interface and
still keep it on the other.
An example would be if you have an edge firewall and you don't want it
to be visible from the outside but still need it for other functions.
I tried to create a rule that would block anything from the outside to
the firewall on those ports and that did nothing.
Looking in tracker also showed nothing.
I can connect to the login page but I can't see any logs.
looking through the implied rules also showed nothing.
So does anyone have any suggestions that would not kill my support contract? :)

thanks

Frank
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: keeping ports open
    ... If a port is open, it means that 1) a software or service is running on your ... and 2) you're not using a firewall or your firewall isn't ... Use firewall software and hardware and antivirus software that is ... Follow the instructions for hardening Windows and IIS at ...
    (microsoft.public.security)
  • Re: How to Maintain an IIS Server?
    ... > server running on a Windows 2000 server. ... before a firewall and antivirus have been installed]. ... open ports; however, this will not identify which program is using the port. ...
    (microsoft.public.inetserver.iis.security)
  • Re: CEICW fails at firewall config
    ... ISA Server prevents connection to a remote desktop when you connect through ... Remote Web Workplace on a Windows Small Business Server 2003-based computer ... Acceleration Server as a firewall. ... connection uses TCP port 4125. ...
    (microsoft.public.windows.server.sbs)
  • Re: How to Maintain an IIS Server?
    ... >> server running on a Windows 2000 server. ... > before a firewall and antivirus have been installed]. ... > program or executable using that port. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Is secedit.exe left by a hacker?
    ... > tested on port 445. ... > I have a Linksys router that I use as a firewall to my ... Secedit.exe is the name of a legitimate Windows file, ... investigate the files on your computer - antivirus with the latest updates ...
    (microsoft.public.win2000.security)