Results 1 to 2 of 2

Thread: CP question

  1. February 14th, 2002, 05:52 PM #1
    Focmaester
    Focmaester is offline
    Banned
    Join Date
    Oct 2001
    Posts
    590

    CP question

    from what I understand, anti-spoofing should only
    accept packets that are from the NICs range or those
    specified in the others section, yet, from a simple
    test, CP <NG and FW-1> accepted packets comming
    from/to the VRRP address, although those were dropped
    by the rulebase, I'm wondering why weren't they
    dropped in the first place?
    Reply With Quote Reply With Quote
  2. February 14th, 2002, 06:43 PM #2
    iNViCTuS
    iNViCTuS is offline
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    Where were they dropped in the rulebase. if it is at rule 0, then it is because of the antispoofing configuration. If you can, please give a bit more information about your setup, and I will try to help you.

    Also, I don't know if this is an option, but you might not want to config antispoofing on your firewall, but instead do it on your internet router via access-lists. Just a bit easier in my opinion.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules