Implied rule dropping snmp-read

BarryG · #1 (**permalink**) 2005-12-13

CheckPoint Firewall-1 NG-AI R55 Hotfix 6 on Nokia IP 380 running IPSO 3.8

SmartCenter Server NG-AI R55 Hotfix 16 on Windows 2000 Server

Problem:

Number: 56396
Date: 13Dec2005
Time: 11:12:15
Product: VPN-1 & FireWall-1
Interface: eth-s1p1c0
Origin: fwne12 (10.31.16.137)
Type: Log
Action: Drop
Protocol: udp
Service: snmp-read (161)
Source: Server_1 (10.31.16.156)
Destination: Server_2 (10.31.124.101)
Rule: 0 - Implied Rules
Source Port: 2190

There is an explicit security rule that allows Server_1 (Windows 2000 Server) to make snmp-read connections to Server_2 (Windows 2000 Server) but it is dropped by the implied rule.

Any ideas why ?

Lackie · #2 (**permalink**) 2005-12-14

What does it say in the Information section of the drop? You seem to have missed that when copying it into the forum.

BarryG · #3 (**permalink**) 2005-12-15

The information field is blank (empty).

ogre_t · #4 (**permalink**) 2005-12-15

Try adding snmp to your allow rule.

I had the same problem with monitor services and I had to add snmp to the snmp-read to mkae it work.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode