Firewall Wizards mailing list archives

Re: CP FW1 802.1q

From: Scott Walker Register <scott.register () us checkpoint com>
Date: Wed, 17 Jul 2002 16:42:47 -0500

FYI...

Nokia:
VLANs are supported on FW-1/Nokia on IPSO 3.5 or later and FW-1 NG FP2 or later.
This combination supports up to 64 VLAN interfaces.  There is a hotfix available
from Nokia or Check Point support which will raise this limit to 256 interfaces,
and this limit will be further raised in future releases.

Solaris:
We support VLANs on Solaris 8 (64-bit) with NG FP1 or later.  We've tested the
Sun Gigaswift and SySKonnect SK-98xx interfaces.

Windows:
Intel VLANs are supported on NT 4.0 SP6a (not Win2k) under NG FP1.

Linux:
Check Point's SecurePlatform and specific Linux-based appliances support VLANs, but
prior to Red Hat 7.3 the only way to get VLAN support was to get the Ben Greear drivers
and compile the kernel yourself, and CP doesn't support end-user-compiled kernels.  RH7.3
has VLAN support and NG FP3 will support RH7.3 and Linux VLANs.

-SwR

------------------------
  From: =?iso-8859-1?q?m=20p?= <sumirati () yahoo de>
  Subject: Re: [fw-wiz] CP FW1 802.1q
  Date: Tue, 16 Jul 2002 14:58:28 +0200 (CEST)
  To: Siebenkaes Stefan <Stefan.Siebenkaes () itellium com>, "'firewall-wizards () honor icsalabs com'" 
<firewall-wizards () honor icsalabs com>

 --- Siebenkaes Stefan <Stefan.Siebenkaes () itellium com> schrieb: > Hello,


can I run 802.1q natively on a Checkpoint/Nokia? Can
this combination tag vlans?
Nobody was really sure...

Any hints appreciated!

Stefan


Please take a look at:

http://www.phoneboy.com/wizards/200009/msg00179.html

As for Solaris: It seems that since Solaris 6 7/01 VLANs are supported.

But (as mentioned often at the firewall-1 wizards mailinglist):
VLANs are NOT good from a security point of view.
Please see:
http://www.sans.org/newlook/resources/IDFAQ/vlan.htm

Hope that helps

Marc




__________________________________________________________________

Gesendet von Yahoo! Mail - http://mail.yahoo.de
Möchten Sie mit einem Gruß antworten? http://grusskarten.yahoo.de
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


---------------End of Original Message-----------------

----------------------------------------------------------------
Scott.Register () us CheckPoint com  ||  FireWall-1 Product Manager
               Check Point Software Technologies, Inc.
2255 Glades Road    /    Suite 324A     \  Boca Raton, FL  33431
Voice: 561.989.5418 | Fax: 561.997.5421  |   07/17/02   16:42:48
----------------------------------------------------------------

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

CP FW1 802.1q Siebenkaes Stefan (Jul 16)
- Re: CP FW1 802.1q Fabio Pietrosanti (naif) (Jul 16)
- Re: CP FW1 802.1q m p (Jul 16)
  - Re: CP FW1 802.1q m p (Jul 16)
    - Re: CP FW1 802.1q Carson Gaspar (Jul 16)
    - Re: CP FW1 802.1q John Adams (Jul 16)
  - Re: CP FW1 802.1q Scott Walker Register (Jul 17)