Frequently Asked Questions:
The Check Point Safe@Office appliance is an advanced Internet security appliance that enables secure high-speed Internet access from the office. The Safe@Office family incorporates the 100 and 200 product series. The 100 series and 200 series firewall, based on the world-leading Check Point Embedded NG Stateful Inspection technology, inspects and filters all incoming and outgoing traffic, blocking all unauthorized traffic.
The Safe@Office appliance also allows sharing your Internet connection among several PCs or other network devices, enabling advanced office networking and saving the cost of purchasing static IP addresses. You can also connect Safe@Office appliances to security services available from select service providers, including firewall security updates, Web filtering, and dynamic DNS. Business users can use the Safe@Office appliance to securely connect to the office network.
How is this solution better than using a PC firewall?
Inherent drawbacks with PC firewalls make Safe@Office solutions a superior choice:
- PC firewalls protect a single PC. A Safe@Office Solution protects your entire network: all the PCs, Macintoshes, servers and other devices on the network.
- PC firewalls are managed and configured by the consumer. Most common security flaws originate from faulty configuration. To reduce risk for users, Safe@Office Solutions come with a pre-configured security policy. In addition, Safe@Office Solutions can be managed by a security solutions provider, transferring responsibility for security expertise to security experts.
By default, the Safe@Office appliance performs Network Address Translation (NAT). It is possible to use the Safe@Office appliance behind another device that performs NAT, such as a DSL router or Wireless router, but the device will block all incoming connections from reaching your Safe@Office appliance. To fix this problem, do ONE of the following. (The solutions are listed in order of preference.)
- Consider whether you really need the router. The Safe@Office appliance can often be used as a replacement for your existing router.
- If possible, disable NAT in the router. Refer to the router’s documentation for instructions on how to do this.
- If the router has a “DMZ Computer” or “Exposed Host” option, set it to the Safe@Office appliance’s external IP address.
In any case, it is recommended that you open the following ports in the NAT device: UDP 9281/9282, UDP 500, TCP 256, TCP 264, ESP (IP protocol 50), TCP 981. See your router's documentation for instructions.
I forgot the Safe@Office administrator password. What can I do?
The Safe@Office does not have a default administrator password. If you forgot the password, please open a technical support request by completing the Technical Support Request Form.
What is the difference between the low, medium and high security levels?
The default security policy that comes with the Safe@ appliance basically blocks all incoming traffic and allows all outbound traffic initiated from your home or office.
'Low'
All outbound traffic is allowed. All inbound traffic is blocked except for ICMP echoes ("pings").
'Medium'
All outbound traffic is allowed except for Windows file sharing (NBT ports 137, 138, 139 and 445). All inbound traffic is blocked.
'High'
Restrictions apply to outbound traffic: only Web traffic (HTTP, HTTPS), Email (IMAP, POP3, SMTP), FTP, NNTP, Telnet, DNS, IKE, 2746 UDP and 256 TCP traffic is allowed out. All inbound traffic is blocked.
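The three levels above can be modeled as a small policy check to see which applications a level change would break. This is an added example, not Check Point code or part of the original FAQ; apart from 2746/UDP, 256/TCP and the NBT ports, the port numbers are the standard well-known ports for the named services (an assumption), and the sample flows are constructed.

```python
# Added illustration, not Check Point code. Models the Low/Medium/High
# defaults as the FAQ words them.
from typing import NamedTuple

class Flow(NamedTuple):
    name: str        # label for the constructed sample
    direction: str   # "in" or "out", relative to the protected network
    proto: str       # "tcp", "udp" or "icmp"
    port: int        # destination port; for ICMP, the type (8 = echo request)

NBT_PORTS = {137, 138, 139, 445}          # Windows file sharing, from the FAQ
# Services the FAQ lists for High. Port numbers other than 2746/UDP and
# 256/TCP are the standard well-known ports (assumption: the FAQ gives names).
HIGH_OUTBOUND = {
    ("tcp", 80), ("tcp", 443),                  # HTTP, HTTPS
    ("tcp", 143), ("tcp", 110), ("tcp", 25),    # IMAP, POP3, SMTP
    ("tcp", 21), ("tcp", 119), ("tcp", 23),     # FTP control, NNTP, Telnet
    ("udp", 53), ("tcp", 53),                   # DNS
    ("udp", 500), ("udp", 2746), ("tcp", 256),  # IKE, 2746 UDP, 256 TCP
}

def allowed(level: str, flow: Flow) -> bool:
    """Return True if the default policy at `level` passes `flow`."""
    if level not in ("low", "medium", "high"):
        raise ValueError(f"unknown level: {level}")
    if flow.direction == "in":
        # Only Low lets anything in, and only ICMP echo requests.
        return level == "low" and flow.proto == "icmp" and flow.port == 8
    if level == "low":
        return True
    if level == "medium":
        return not (flow.proto in ("tcp", "udp") and flow.port in NBT_PORTS)
    return (flow.proto, flow.port) in HIGH_OUTBOUND

def blocked_by_level(flows):
    """Map each level to the names of the sample flows it would block."""
    return {lvl: [f.name for f in flows if not allowed(lvl, f)]
            for lvl in ("low", "medium", "high")}

# Constructed sample flows (not taken from a real appliance log).
SAMPLE = [
    Flow("web browsing", "out", "tcp", 443),
    Flow("SMB to remote share", "out", "tcp", 445),
    Flow("SSH to remote host", "out", "tcp", 22),
    Flow("ping from Internet", "in", "icmp", 8),
    Flow("inbound RDP", "in", "tcp", 3389),
]

if __name__ == "__main__":
    for level, names in blocked_by_level(SAMPLE).items():
        print(f"{level:6} blocks: {', '.join(names)}")
```

Anything the High list does not name, such as outbound SSH in the sample, needs an explicit firewall rule before the level is raised.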
I cannot connect to the LAN network from the DMZ network. What should I do?
By default, connections from the DMZ network to the LAN network are blocked. To allow traffic from the DMZ to the LAN, configure appropriate firewall rules. For instructions, see 'Creating Rules' in the 'Safe@Office User Guide'.
I cannot access http://my.firewall. What should I do?
In case you cannot access the 'My.Firewall' page, try the following:
- Verify that the Safe@Office appliance is operating (PWR/SEC LED is active)
- Check if the LAN LINK/ACT LED for the port used by your computer is on. If not, check if the network cable linking your computer to the Safe@Office appliance is connected properly.
Note: You may need to use a crossed cable when connecting a Safe@Office 'S' series appliance to another hub/switch.
- Try surfing to 192.168.10.1 instead of to my.firewall. Note: 192.168.10.1 is the default value, and it may vary if you changed it in the My Network page.
- Check your TCP/IP configuration according to 'Installing and Setting up the Safe@Office Appliance' in the 'Safe@Office User Guide'.
- Restart your Safe@Office appliance and your broadband modem by disconnecting the power and reconnecting after 5 seconds.
- If your web browser is configured to use an HTTP proxy to access the Internet, add "my.firewall" or "my.vpn" to your proxy exceptions list.
In case none of the above worked, please contact technical support.
Error message "Service Center did not respond" when trying to connect to a service center
The connection to a Check Point Service Center uses a proprietary protocol called SWTP (SofaWare Transport Protocol). This protocol makes sure that all communications between a Safe@Office box and the Service Center are secured and encrypted. The communication between the Safe@Office and a Service Center uses UDP ports 9281/9282.
If your Safe@Office is behind another firewall, make sure that firewall allows traffic through the SWTP ports mentioned. In addition, make sure that your router does not block these ports using ACLs (access lists).
How are nodes counted within the Safe@Office product line license?
Nodes are counted based on the number of concurrent IP addresses generating traffic through the firewall. An IP node generates traffic through the firewall when it sends packets to resources outside its own network (such as the Internet, DMZ, secondary logical network etc.). As a result, devices like network printers, switches or access points will not be counted as licensed nodes.
How do I prevent an IP node from taking up a license?
An IP node will take up a license if it generates traffic through the firewall. In order to prevent a node from generating traffic through the firewall, you'll need to set the node up with no default gateway information. Please note that this will make the node unable to surf the Internet.
How can I save my appliance event log entries?
In order to save the appliance event log entries do the following:
The logs will be saved as a Microsoft Excel file (XLS).
Note: With this method you can only save up to the 100 currently displayed event log entries. If you want to save all event log entries, you can use the Syslog logging option.