firewall-wizards@listserv.icsalabs.com
To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com
You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."
Today's Topics:
1. Really, really, penultimate, PacSec CFP deadline, Aug 10.
(Dragos Ruiu)
2. Cisco FWSM/ASA Question (Matthew Watkins)
3. Check Point NG FP3 HF2 on Solaris 5.8 (Robert Fenech)
----------------------------------------------------------------------
Message: 1
Date: Tue, 31 Jul 2007 15:22:38 -0700
From: Dragos Ruiu <dr@kyx.net>
Subject: [fw-wiz] Really, really, penultimate, PacSec CFP deadline,
Aug 10.
To: firewall-wizards@honor.icsalabs.com
Message-ID: <200707311522.39128.dr@kyx.net>
Content-Type: text/plain; charset="us-ascii"
Some folks have been trying to convince us to extend deadlines,
so being the sticklers we are, we said: no way... :-) But they convinced
us. So to be fair - this is a heads up for others who didn't have time
to submit. :-) We'll try to turn around the selection reviews ASAP,
before the end of August for those who have already submitted.
cheers,
--dr
P.s. To the gentleman from McAfee who phoned me about his
submission, whose name I've forgotten: we didn't get your
mail, please get back in touch.
--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan November 29/30 - 2007
http://pacsec.jp
pgpkey http://dragos.com/ kyxpgp
------------------------------
Message: 2
Date: Fri, 27 Jul 2007 13:36:16 +0100
From: Matthew Watkins <matt@idnet.net>
Subject: [fw-wiz] Cisco FWSM/ASA Question
To: firewall-wizards@listserv.icsalabs.com
Message-ID: <13643B55-19A9-4B4D-A8CC-2957E8E6913E@idnet.net>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
I'm investigating a problem with Windows client computers situated
behind a pair of redundant firewall services modules (installed in a
Cisco Catalyst 6513 switch). There's a new domain controller on one
VLAN, and our Windows/PC clients sit on another. Both networks are
routed through the FWSM, and general network connectivity seems fine.
The firewall blades are running the latest version of the FWSM/ASA code:
FWSM Firewall Version 3.1(6)
Basically, my Mac laptop running OS X seems to connect to all parts
of the network without problems. It can mount shares, resolve DNS
etc... However, the Windows desktop clients seem unable to log on to
the domain when booted up behind the firewall. Initially, I thought
the problem might be related to DNS protocol inspection, since we
were seeing the log messages below:
Jul 26 16:55:21 cam-sh-fw1-inside.redstardevelopment.com %FWSM-2-106007: Deny inbound UDP from 172.17.50.3/53 to 172.29.6.2/1026 due to DNS Response
I've subsequently removed DNS inspection from the global default
rules, but it hasn't made any difference. This is a new site which we
are in the process of building, so the access-lists for both networks
are currently wide open:
access-list PERMISSIVE extended permit ip any any
access-group PERMISSIVE in interface inside
access-group PERMISSIVE in interface office-wired
access-group PERMISSIVE in interface office-dmz
We've created a stripped down domain user account, with no DFS shares
or home drive mappings, and this user account can successfully log in
to the domain. Our servers are all running Win2K3. Any ideas what the
problem might be? I'm not seeing messages in the logs, and I'm a bit
confused about the possible cause...
Any ideas gratefully received!
- Matt
------------------------------
Message: 3
Date: Fri, 20 Jul 2007 14:04:44 +0200
From: "Robert Fenech" <robertfenech@gmail.com>
Subject: [fw-wiz] Check Point NG FP3 HF2 on Solaris 5.8
To: firewall-wizards@listserv.icsalabs.com
Message-ID:
<ee7b3f4e0707200504u4c45418bw77b2bcded1dded2b@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi,
I am encountering a problem when it comes to installing a policy on an NG FP3
HF2 firewall running on an old Solaris 5.8 machine.
Primarily when the policy is about to be installed I get the message "Failed
to install policy. Please make sure that Firewall-1 services are
running...".
I traced the processes as follows:
Parent Process ID | Process ID | Process
------------------+------------+----------------
1                 | 20318      | cpwd
20318             | 20329      | cpd
20318             | 20485      | rtmd
20318             | 20362      | fwd
20318             | 20450      | fgd50
20364             | 20386      | cpstat_monitor
I tried to respawn each process to try and figure out which one was more
likely related to this policy installation issue.
Respawning cpd does sort out the problem (not for long though) in the sense
that the policy gets installed, however a second policy install fails with
the same error message.
Has anybody encountered this problem before?
Thanks,
Robert.
------------------------------
End of firewall-wizards Digest, Vol 16, Issue 1
***********************************************