CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. Come to CPUG CON 2008 EUROPE in Switzerland on September 8th - 9th!
    Two days full of technical content for Check Point administrators in the beautiful Swiss Alps!
    We already have sign-ups from twelve different countries!
2. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 7/14, 8/25, 10/6, 11/3, 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8, 7/6, 8/3, 9/7.
3. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
4. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 And Related Products > Services
Reload this Page SSH V-01 through FW-1
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2005-08-15
mushroom_new mushroom_new is offline
Junior Member
  
Join Date: 2005-08-15
Posts: 1
Rep Power: 0
mushroom_new has an average reputation (10+)
Default SSH V-01 through FW-1
hi,
I have problems in uising ssh-v1 accross the firewall. the log say accept in the first step and says denied in the second one.
Any clue on this? I'm using FW1 NG AI

Thanks,
Jee
Reply With Quote
  #2 (permalink)  
Old 2005-08-23
kfulford kfulford is offline
Junior Member
  
Join Date: 2005-08-23
Location: Alberta, Canada
Posts: 1
Rep Power: 0
kfulford has an average reputation (10+)
Default Re: SSH V-01 through FW-1
Sounds potentially like the anti-spoofing configuration. What is the reason listed for the dropped message? Information field will give a better idea where to start looking.
Reply With Quote
  #3 (permalink)  
Old 2005-08-25
yowieWithin yowieWithin is offline
Junior Member
  
Join Date: 2005-08-25
Posts: 5
Rep Power: 0
yowieWithin has an average reputation (10+)
Default Re: SSH V-01 through FW-1
It could also be a routing issue.
Check the routes on the firewall, and ensure it is routing it out the interface you think it should be.
You don't say what OS you're using, but 'route get' is your friend on Solaris.
Reply With Quote
  #4 (permalink)  
Old 2005-08-29
chillyjim chillyjim is offline
Senior Member
  
Join Date: 2005-08-29
Location: Upstate NY
Posts: 1,603
Rep Power: 4
chillyjim has an average reputation (10+)
Send a message via AIM to chillyjim Send a message via Skype™ to chillyjim
Default Re: SSH V-01 through FW-1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Do you have SSH v1 blocked in your SmartDefense policy?

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.2 (Build 2424)

iQA/AwUBQxOcOpAxy6WP/pauEQLTRwCg8x60InLd1XojOL/136ld3XYxgvcAnRHJ
vB2iFUo16obmJa3PHksje8Q+
=IjXX
-----END PGP SIGNATURE-----
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 18:47.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0