Hallo,
Ik heb Check Point VPN-1 SecureClient geïnstalleerd. Als ik firewalling=off heb staan, doet hij het goed.
Ik heb een XS4ALL ADSL verbinding met behulp van een Alcatel Speedtouch 510i Multi-User met de nieuwste firmware.
Maar als ik firewalling=on heb, kan ik niet verbinden. Het ligt niet aan mijn NAT-settings denk ik, want die doen het zonder firewall.
Ik ben eigenlijk op zoek naar de rules die ik moet toevoegen om gebruik te kunnen maken van dit programma. Of welke poorten ik moet openzetten om de rules te maken.
Dit heb ik gevonden op de site van Check Point: https://secureknowledge.c...ports%29%29&resultStart=1
Ik heb de poorten proberen in te stellen, maar ik kon niet verbinden.
De error die ik krijg is dat hij de gateway niet kan vinden.
Dit is wat ik tot nu toe heb:
#############################################
[ pfirewall.ini ]
chain create chain=sink
chain create chain=forward
chain create chain=source
rule create chain=sink index=0 srcintfgrp=!wan action=accept
rule create chain=sink index=1 prot=udp dstport=dns action=accept
rule create chain=sink index=2 prot=udp dstport=bootpc action=accept
rule create chain=sink index=3 prot=icmp icmptype=echo-request action=drop
rule create chain=sink index=4 action=drop
rule create chain=forward index=0 srcintfgrp=lan prot=tcp dstport=www-http action=accept
rule create chain=forward index=1 srcintfgrp=wan prot=tcp srcport=www-http action=accept
rule create chain=forward index=2 srcintfgrp=lan prot=tcp dstport=27243 dstportend=27245 action=accept
rule create chain=forward index=3 srcintfgrp=wan prot=tcp srcport=27243 srcportend=27245 action=accept
rule create chain=forward index=4 srcintfgrp=lan prot=udp dstport=27243 dstportend=27245 action=accept
rule create chain=forward index=5 srcintfgrp=wan prot=udp srcport=27243 srcportend=27245 action=accept
rule create chain=forward index=6 srcintfgrp=lan prot=udp dstport=27960 dstportend=28000 action=accept
rule create chain=forward index=7 srcintfgrp=wan prot=udp srcport=27960 srcportend=28000 action=accept
rule create chain=forward index=8 srcintfgrp=lan prot=tcp dstport=1863 action=accept
rule create chain=forward index=9 srcintfgrp=wan prot=tcp srcport=1863 action=accept
rule create chain=forward index=10 srcintfgrp=lan prot=tcp dstport=6891 dstportend=6901 action=accept
rule create chain=forward index=11 srcintfgrp=wan prot=tcp srcport=6891 srcportend=6901 action=accept
rule create chain=forward index=12 srcintfgrp=wan prot=tcp srcport=5190 action=accept
rule create chain=forward index=13 srcintfgrp=lan prot=tcp dstport=5190 action=accept
rule create chain=forward index=14 srcintfgrp=lan prot=tcp srcport=ftp action=accept
rule create chain=forward index=15 srcintfgrp=wan prot=tcp dstport=ftp action=accept
rule create chain=forward index=16 srcintfgrp=lan prot=tcp srcport=ftp-data action=accept
rule create chain=forward index=17 srcintfgrp=wan prot=tcp dstport=ftp-data action=accept
rule create chain=forward index=18 dstintfgrp=wan prot=tcp dstport=pop3 action=accept
rule create chain=forward index=19 dstintfgrp=lan prot=tcp ack=yes srcport=pop3 action=accept
rule create chain=forward index=20 srcintfgrp=lan prot=tcp dstport=smtp action=accept
rule create chain=forward index=21 srcintfgrp=wan prot=tcp srcport=smtp action=accept
rule create chain=forward index=22 srcintfgrp=wan dstintfgrp=lan action=accept
rule create chain=forward index=23 srcintfgrp=lan prot=tcp dstport=443 action=accept
rule create chain=forward index=24 srcintfgrp=wan prot=tcp srcport=443 action=accept
rule create chain=forward index=25 srcintfgrp=wan prot=tcp srcport=9898 action=accept
rule create chain=forward index=26 srcintfgrp=lan prot=tcp dstport=9898 action=accept
rule create chain=forward index=27 srcintfgrp=wan prot=tcp srcport=5050 action=accept
rule create chain=forward index=28 srcintfgrp=lan prot=tcp dstport=5050 action=accept
rule create chain=forward index=29 dstintfgrp=lan prot=tcp srcport=nntp action=accept
rule create chain=forward index=30 dstintfgrp=wan prot=tcp dstport=nntp action=accept
rule create chain=forward index=31 srcintfgrp=lan prot=tcp srcport=1200 srcportend=4672 dstport=4661 dstportend=9090 action=accept
rule create chain=forward index=32 srcintfgrp=wan prot=tcp srcport=4662 dstport=30000 dstportend=50000 action=accept
rule create chain=forward index=33 dstintfgrp=lan prot=tcp srcport=1412 action=accept
rule create chain=forward index=34 dstintfgrp=wan prot=tcp dstport=1412 action=accept
rule create chain=forward index=35 dstintfgrp=lan prot=udp srcport=1412 action=accept
rule create chain=forward index=36 dstintfgrp=wan prot=udp dstport=1412 action=accept
rule create chain=forward index=37 dstintfgrp=lan prot=tcp dstport=375 dstportend=425 action=drop
rule create chain=forward index=38 dstintfgrp=wan prot=tcp srcport=375 srcportend=425 action=drop
rule create chain=forward index=39 dstintfgrp=lan prot=tcp dstport=2000 dstportend=4500 action=drop
rule create chain=forward index=40 dstintfgrp=wan prot=tcp srcport=2000 srcportend=4000 action=accept
rule create chain=forward index=41 srcintfgrp=lan prot=tcp dstport=6660 dstportend=6669 action=accept
rule create chain=forward index=42 srcintfgrp=wan prot=tcp srcport=6660 srcportend=6669 action=accept
rule create chain=forward index=43 dstintfgrp=lan prot=udp srcport=1200 action=accept
rule create chain=forward index=44 dstintfgrp=wan prot=udp dstport=1200 action=accept
rule create chain=forward index=45 srcintfgrp=lan prot=udp dstport=27000 dstportend=27015 action=accept
rule create chain=forward index=46 srcintfgrp=wan prot=udp srcport=27000 srcportend=27015 action=accept
rule create chain=forward index=47 srcintfgrp=lan prot=tcp dstport=27030 dstportend=27039 action=accept
rule create chain=forward index=48 srcintfgrp=wan prot=tcp srcport=27030 srcportend=27039 action=accept
rule create chain=forward index=49 srcintfgrp=lan prot=tcp dstport=httpproxy action=accept
rule create chain=forward index=50 srcintfgrp=wan prot=tcp srcport=httpproxy action=accept
rule create chain=forward index=51 srcintfgrp=lan prot=tcp dstport=113 action=accept
rule create chain=forward index=52 srcintfgrp=wan prot=tcp srcport=113 action=accept
rule create chain=forward index=53 srcintfgrp=lan prot=tcp dstport=1723 action=accept
rule create chain=forward index=54 srcintfgrp=wan prot=tcp srcport=1723 action=accept
rule create chain=forward index=55 action=drop
assign hook=sink chain=sink
assign hook=forward chain=forward
assign hook=source chain=source
###############################################
Kan iemand mij helpen?
Ik heb Check Point VPN-1 SecureClient geïnstalleerd. Als ik firewalling=off heb staan, doet hij het goed.
Ik heb een XS4ALL ADSL verbinding met behulp van een Alcatel Speedtouch 510i Multi-User met de nieuwste firmware.
Maar als ik firewalling=on heb, kan ik niet verbinden. Het ligt niet aan mijn NAT-settings denk ik, want die doen het zonder firewall.
Ik ben eigenlijk op zoek naar de rules die ik moet toevoegen om gebruik te kunnen maken van dit programma. Of welke poorten ik moet openzetten om de rules te maken.
Dit heb ik gevonden op de site van Check Point: https://secureknowledge.c...ports%29%29&resultStart=1
Ik heb de poorten proberen in te stellen, maar ik kon niet verbinden.
De error die ik krijg is dat hij de gateway niet kan vinden.
Dit is wat ik tot nu toe heb:
#############################################
[ pfirewall.ini ]
chain create chain=sink
chain create chain=forward
chain create chain=source
rule create chain=sink index=0 srcintfgrp=!wan action=accept
rule create chain=sink index=1 prot=udp dstport=dns action=accept
rule create chain=sink index=2 prot=udp dstport=bootpc action=accept
rule create chain=sink index=3 prot=icmp icmptype=echo-request action=drop
rule create chain=sink index=4 action=drop
rule create chain=forward index=0 srcintfgrp=lan prot=tcp dstport=www-http action=accept
rule create chain=forward index=1 srcintfgrp=wan prot=tcp srcport=www-http action=accept
rule create chain=forward index=2 srcintfgrp=lan prot=tcp dstport=27243 dstportend=27245 action=accept
rule create chain=forward index=3 srcintfgrp=wan prot=tcp srcport=27243 srcportend=27245 action=accept
rule create chain=forward index=4 srcintfgrp=lan prot=udp dstport=27243 dstportend=27245 action=accept
rule create chain=forward index=5 srcintfgrp=wan prot=udp srcport=27243 srcportend=27245 action=accept
rule create chain=forward index=6 srcintfgrp=lan prot=udp dstport=27960 dstportend=28000 action=accept
rule create chain=forward index=7 srcintfgrp=wan prot=udp srcport=27960 srcportend=28000 action=accept
rule create chain=forward index=8 srcintfgrp=lan prot=tcp dstport=1863 action=accept
rule create chain=forward index=9 srcintfgrp=wan prot=tcp srcport=1863 action=accept
rule create chain=forward index=10 srcintfgrp=lan prot=tcp dstport=6891 dstportend=6901 action=accept
rule create chain=forward index=11 srcintfgrp=wan prot=tcp srcport=6891 srcportend=6901 action=accept
rule create chain=forward index=12 srcintfgrp=wan prot=tcp srcport=5190 action=accept
rule create chain=forward index=13 srcintfgrp=lan prot=tcp dstport=5190 action=accept
rule create chain=forward index=14 srcintfgrp=lan prot=tcp srcport=ftp action=accept
rule create chain=forward index=15 srcintfgrp=wan prot=tcp dstport=ftp action=accept
rule create chain=forward index=16 srcintfgrp=lan prot=tcp srcport=ftp-data action=accept
rule create chain=forward index=17 srcintfgrp=wan prot=tcp dstport=ftp-data action=accept
rule create chain=forward index=18 dstintfgrp=wan prot=tcp dstport=pop3 action=accept
rule create chain=forward index=19 dstintfgrp=lan prot=tcp ack=yes srcport=pop3 action=accept
rule create chain=forward index=20 srcintfgrp=lan prot=tcp dstport=smtp action=accept
rule create chain=forward index=21 srcintfgrp=wan prot=tcp srcport=smtp action=accept
rule create chain=forward index=22 srcintfgrp=wan dstintfgrp=lan action=accept
rule create chain=forward index=23 srcintfgrp=lan prot=tcp dstport=443 action=accept
rule create chain=forward index=24 srcintfgrp=wan prot=tcp srcport=443 action=accept
rule create chain=forward index=25 srcintfgrp=wan prot=tcp srcport=9898 action=accept
rule create chain=forward index=26 srcintfgrp=lan prot=tcp dstport=9898 action=accept
rule create chain=forward index=27 srcintfgrp=wan prot=tcp srcport=5050 action=accept
rule create chain=forward index=28 srcintfgrp=lan prot=tcp dstport=5050 action=accept
rule create chain=forward index=29 dstintfgrp=lan prot=tcp srcport=nntp action=accept
rule create chain=forward index=30 dstintfgrp=wan prot=tcp dstport=nntp action=accept
rule create chain=forward index=31 srcintfgrp=lan prot=tcp srcport=1200 srcportend=4672 dstport=4661 dstportend=9090 action=accept
rule create chain=forward index=32 srcintfgrp=wan prot=tcp srcport=4662 dstport=30000 dstportend=50000 action=accept
rule create chain=forward index=33 dstintfgrp=lan prot=tcp srcport=1412 action=accept
rule create chain=forward index=34 dstintfgrp=wan prot=tcp dstport=1412 action=accept
rule create chain=forward index=35 dstintfgrp=lan prot=udp srcport=1412 action=accept
rule create chain=forward index=36 dstintfgrp=wan prot=udp dstport=1412 action=accept
rule create chain=forward index=37 dstintfgrp=lan prot=tcp dstport=375 dstportend=425 action=drop
rule create chain=forward index=38 dstintfgrp=wan prot=tcp srcport=375 srcportend=425 action=drop
rule create chain=forward index=39 dstintfgrp=lan prot=tcp dstport=2000 dstportend=4500 action=drop
rule create chain=forward index=40 dstintfgrp=wan prot=tcp srcport=2000 srcportend=4000 action=accept
rule create chain=forward index=41 srcintfgrp=lan prot=tcp dstport=6660 dstportend=6669 action=accept
rule create chain=forward index=42 srcintfgrp=wan prot=tcp srcport=6660 srcportend=6669 action=accept
rule create chain=forward index=43 dstintfgrp=lan prot=udp srcport=1200 action=accept
rule create chain=forward index=44 dstintfgrp=wan prot=udp dstport=1200 action=accept
rule create chain=forward index=45 srcintfgrp=lan prot=udp dstport=27000 dstportend=27015 action=accept
rule create chain=forward index=46 srcintfgrp=wan prot=udp srcport=27000 srcportend=27015 action=accept
rule create chain=forward index=47 srcintfgrp=lan prot=tcp dstport=27030 dstportend=27039 action=accept
rule create chain=forward index=48 srcintfgrp=wan prot=tcp srcport=27030 srcportend=27039 action=accept
rule create chain=forward index=49 srcintfgrp=lan prot=tcp dstport=httpproxy action=accept
rule create chain=forward index=50 srcintfgrp=wan prot=tcp srcport=httpproxy action=accept
rule create chain=forward index=51 srcintfgrp=lan prot=tcp dstport=113 action=accept
rule create chain=forward index=52 srcintfgrp=wan prot=tcp srcport=113 action=accept
rule create chain=forward index=53 srcintfgrp=lan prot=tcp dstport=1723 action=accept
rule create chain=forward index=54 srcintfgrp=wan prot=tcp srcport=1723 action=accept
rule create chain=forward index=55 action=drop
assign hook=sink chain=sink
assign hook=forward chain=forward
assign hook=source chain=source
###############################################
Kan iemand mij helpen?