 | ||
 X11 enforcement violation | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2008-01-28 | |||
| |||
 X11 enforcement violation The smartdefence on my firewall is reporting x11 enforcement violation for tcp ports 6000-6063. I have an 'any' port rule which is triggering the reject. The advice says i should create a specific rule. I'd prefer to just turn off this detection in smartdefence. But i cant see a corresponding smart defence rule. Where can i switch this off?  |
| 2008-01-28 | |||
| |||
| Re: X11 enforcement violation Are you trying to use X11 and getting blocked? I can't tell why this is a problem from your note. If you're trying to use X11, you must create a new rule with X11 as the service. X11 is specifically excluded from being included in "any". Ray |
| 2008-03-05 | |||
| |||
| Re: X11 enforcement violation Hi Ray Quote:
|
| 2008-03-06 | |||
| |||
| Re: X11 enforcement violation I ran into this issue when a customer wanted to use an actual 'ANY' rule. As ANY does not mean ANY in checkpoint...even if Match ANY is selected. The X11 service will not be part of the ANY checkpoint selection. You have to create a rule to allow this...I think the checkpoint SK explains a bit more, which I would add if the support site was not so cack. (Finally - sk24600) To reach my goal I had to create a service which was from 1-65535 which include everything. (An ANY service rule) May be this is wrong but it was the only work around I could find. Last edited by Danielpb; 2008-03-06 at 03:54. |
| 2008-03-06 | |||
| |||
| Re: X11 enforcement violation Quote:
SmartDashboard -> Policy -> Global Properties -> SmartDashboard Customization -> Configure button under Advanced Configuration -> Firewall-1 -> Stateful Inspection -> reject_x11_in_any HTH __________________ Its all in the documentation. |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
