mega_stream

Has anyone managed to get x-windows through a Raptor firewall? Also need to pass RSH.

Its not my butt on the line cause we can't get it working but someone's is gonna get a butt kickin over this!

Cheers for any suggestions.

DrEvil

This isn't a particularly useful comment, but the guys at BTN (wokingham, berks) configured the Raptor firewalls at my old place of work, and they got X-traffic working cos they had to, to allow us to X-display the managment GUI (or something like that).. so it is possible.

I'll try and see if I can get hold of one of the guys I know there...

Alex

mega_stream

Alex

That would be good, thats exactly what I want, to be able to get to management GUI's.

Its a big new contract we've got going on we've been told it can't be done on Raptor ( I think thats cr4p) and that we need to swap the pair of internal f/walls(f/w 1's) to be the external and the external pair (the raptors) to the internal.

Basically that boils down to
Checkpoint FW1 can do it
Raptor can't

Can't be true..

DrEvil

Megastream,

If memory servers me right, config should look look roughly like this, I think you have the reverse of this...

[ internet ]
|
[CHK POINT1 F/W]
|
[ RAPTOR ]
|
[ LAN ]

(note I've missed out the load balancing detail, as it would take ages to try to draw in text pics!)

I've just spoken to my mate at BTN (01189361810), they said yep it can be done (X-windows from the raptor box).

You will need to edit the files manually (text, vi!) to allow X-traffic, it should be mentioned in the Solaris install/admin manual/docs.

But as i mentioned above, you may need to change the order of the firewalls, CHKPT1 external, raptor internal, this was the config we used.

Rgds, Alex

stevencotton

Not sure exactly what you need to do, but have you tried X-forwarding via ssh?

Steve.

mega_stream

Thanks very much for that info Alex..

I'll look into it.

Steve,

We could you ssh yes, but the unix team would have to re configure shyte loads if we switch.

Cheers guys