1. Home
  2. Networking Firewalls
  3. CheckPoint Problem on DHCP

CheckPoint Problem on DHCP

Hi,

I have a problem on Checkpoint recently, all the DHCP client can't access internet fully(just can access a few web site) thought checkpoint. And i had check the log but havn't found any not accept in there. So i had create a new configuration and input the rule again. Every thing work prefectly again. But after a few days, this accident was happened again. Every thing was worked over one year without any problem. So can you tell me what is the problem?

Firewall : Checkpoint 4.1on Windows NT4 with SP6 DHCP Server : Windows NT4 with SP6

Thanks,

Wesley

Reply to
wesley.mks
Loading thread data ...

Well I think something must have changed for it to stop working after a week all by itself, so what your saying is they can access a websites but not full internet access..well that could just be cached somewhere..

what are you using for your default gateway? are your rulebase allowing for the entire DHCP IP scope, set your DHCP server to give the same ip to the same host where possible.

Have you recently run any software updates, are you running revision checking? has a new database version been created (meaning the rulebase has changed..)

if there arent any access logs in checkpoint then that means either the packets are being dropped before then, or your last rule on the firewall hasnt got the log option set, set log on all your rules then check logs, perhaps an upper rule is misconfigured and denying the traffic.

Flamer.

snipped-for-privacy@gmail.com wrote:

Reply to
die.spam

Fo starters:

  1. You're running a firewall on an ancient Windows OS

  1. Your Windows OS has been unsupported and has had no patches for over a year and a half.

  2. Your Check Point version has not had any patches in a couple of years and is unsupported. There are several known exploits to bypass it.

  1. Your DHCP server is on NT 4 is well.

Dude, NT 4 was written for the threat environment of 1993.

Time to join the 21st century and get systems that can handle the threat environmment of 2006.

JJ

Reply to
Me

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.