Posted 2006-02-16 by nooon
Antispoofing question

Hi,
Running out of ideas with this one:

Have a couple of Nokias in an HA cluster with VRRP on all interfaces.
Running pretty fine.
s2p3 is my external if leading to internet, and antispoofing defined consequently as "External" for this one.

However, there is a group in the object list; when I click "Where Used?" I can see that it's bound to s2p3 antispoofing!

I indeed deployed a new subnet in front of my external interface, eventually not reachable due to antispoofing (this /28 subnet is included in the larger /16 subnet behind my internal interface). Then I updated the group mentioned above with this /28 subnet, and no more antispoofing issue.

How can an "External" antispoofing flagged interface still have a specific antispoofing group bound to it?!?! Going nuts here!!!

-jc

firewall[admin]# fw ver
This is Check Point VPN-1(TM) & FireWall-1(R) NG Feature Pack 3 Build 537001004
firewall[admin]# uname -ras
IPSO firewall 3.6-FCS6 releng 1061 01.21.2003-230310 i386

Mgmt:
# fw ver
This is Check Point VPN-1(TM) & FireWall-1(R) NG Feature Pack 3 Build 537001004