Re: Question: NAT on solaris 2.6

Wed, 3 Nov 1999 06:39:35 -0800 



Why don't you set your internal DNS to point to your 10.2.3.3 ip instead of
expecting the packets to route out through the firewall and then in again??
In most cases, if you configured spoof tracking correctly for the external
interface, these packets will be denied.

Regards
Marcel Gerardino
[EMAIL PROTECTED]





"Parthiv Shah" <[EMAIL PROTECTED]> on 11/02/99 04:06:57 PM

(Embedded image moved to file: pic14731.pcx)



To:   [EMAIL PROTECTED]
cc:    (bcc: Marcel Gerardino/CODETEL)

Subject:  Question: NAT on solaris 2.6




Hello,
I have setup a Check point firewall on Solaris 2.6 and this is how I am
doing NAT for my web server.
i.e. 1.2.3.4 is in bound ip and 10.2.3.3 is out of bound ip.
I created arp entry and static route for 1.2.3.4 on the fw.
Also, I created a rule for NAT on the fw.

By doing all of the above when users from Internet go to
http://www.companyname.com the rule is working fine and the users are going
to the appropriate web server (My dns for the web is pointing to the in
band ip address 1.2.3.4.)
But when users from inside the fw (who are on the segment 10.2.3.x) trying
to connect to the website the DNS is resolving to IP 1.2.3.4 and they are
trying to connect to webserver and it is FAILING. On the other hand if they
put IP of 10.2.3.3 in there URL it's working fine.  Any idea? thoughts? May
be there should be some special trick for DNS side or something?

Thanx in advance,
Parthiv
[EMAIL PROTECTED]
http://www.netadmin.net

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]



(UUEncoded file named: pic14731.pcx follows)

begin 644 pic14731.pcx
M"@4!"`````!=`E$`````````````````````````````````````````````
M```````````````````````````!7@(!````````````````````````````
M``````````````````````````````````````````````````#_`/L`R@(#
M_P#_`/\`_P#_`/\`\`#8`,P`Q@##`,(`_P#S``,"!-0!!,("_P#_`-$`_P+(
M`O\`_P#_`.``T`#(`,0`P@``X``#R`+B`0+B`,("W@'"`@/I`.D!RP(#[`#_
M`<@!RP`"_P'(`0++`/\!R`'-``+8`=D`S`#&`,,`P@#=`,("[`$"W@`#!.8!
M!`+F`/8!!`+I`/\!R`'+``+_`<@!`LL`_P'(`<T``M@!V0#,`,8`PP#"`-D`
MP@+P`0+<``,$ZP$"Y`#Y`00"Y@#_`<@!RP`"_P'(`0++`/\!R`'-``+8`=D`
MS`#&`,,`P@#7``+S`0+:``+P`00#X0#\`00"XP#_`<@!RP`"_P'(`0++`/\!
MR`'-``+8`=D`S`#&`,,`P@#5``+U`0+7``,"]`$$`]\`_P$"X0#_`<@!RP`"
M_P'(`0++`/\!R`'-``+8`=D`S`#&`,,`P@#3``+W`0+6``/X`00#W0#_`<(!
M`M\`_P'(`<L``O\!R`$"RP#_`<@!S0`"V`'9`,P`Q@##`,(`T0`#^0$"U0`$
M^P$$W`#_`<0!`MT`_P'(`<L``O\!R`$"RP#_`<@!S0`"V`'9`,P`Q@##`,(`
MT``"^@$"TP`#_P$#V@#_`<8!`ML`_P'(`<L``O\!R`$"RP#_`<@!S0`"V`'9
M`,P`Q@##`,(`SP`$^P$"T@`$_P'"`0/9`/\!R`$#V0#_`<@!RP`"_P'(`0++
M`/\!R`'-``+8`=D`S`#&`,,`P@#-``/]`0+0``/_`<4!`]@`_P')`0/8`/\!
MR`'+``+_`<@!`LL`_P'(`<T``M@!V0#,`,8`PP#"`,P``OX!`L\``_\!QP$#
MUP#_`<H!`]<`_P'(`<L``O\!R`$"RP#_`<@!S0`"V`'9`,P`Q@##`,(`RP`#
M_P$"S@`#_P')`0/6`/\!RP$#U@#_`<@!RP`"_P'(`0++`/\!R`'-``+8`=D`
MS`#&`,,`P@#*``/_`0$"S@#?`03*`@3?`0/5`/\!S`$#U0#_`<@!RP`"_P'(
M`0++`/\!R`'-``+8`=D`S`#&`,,`P@#)``/H`038`@/-``3=`0(#S0`"W@$#
MU`#9`<H"!.@!`]0`V`$$[@++``/7`@38`=<"`\L`V0'N`LT``M@!V0#,`,8`
MPP#"`,D`!.$!`@/K``3;`00"T@`#!-P!`],`V0'0``,"!.$!U`#8`0+_`-(`
M`M@!XP#9`?L``M@!V0#,`,8`PP#"`,@``MX!!`(#[0`"VP$$U@`#VP$$TP#9
M`=0``@3>`033`-@!`O\`T@`"V`'C`-D!^P`"V`'9`,P`Q@##`,(`QP`#W0$$
M`_``VP$#V0`$V@$"T@#9`=8``P3=`0+2`-@!`O\`T@`"V`'C`-D!^P`"V`'9
M`,P`Q@##`,(`QP`$VP$$`_$``MH!W``$V@'2`-D!V``#!-P!`]$`V`$"_P#2
M``+8`>,`V0'[``+8`=D`S`#&`,,`P@#&``/;`03R``/:`0+=`-H!`M$`V0':
M``3<`=$`V`$"_P#2``+8`>,`V0'[``+8`=D`S`#&`,,`P@#&``3:`03S``39
M`03>``/:`0/0`-D!VP`$VP$"T`#8`0+_`-(``M@!XP#9`?L``M@!V0#,`,8`
MPP#"`,4``]H!!/,``]H!`]\`!-D!!-``V0'<``3;`=``V`$"_P#2``+8`>,`
MV0'[``+8`=D`S`#&`,,`P@#%``3:`0/S``39`0+@``/:`0//`-D!W0`$V@$"
MSP#8`0+_`-(``M@!XP#9`?L``M@!V0#,`,8`PP#"`,0``]H!!/,``MH!`^$`
M!-D!!,\`V0'=``/:`03/`-@!`O\`T@`"V`'C`-D!^P`"V`'9`,P`Q@##`,(`
MQ`#;`?0`!-H!X@`#V@'/`-D!W@`"V@'/`-@!`O\`T@`"V`'C`-D!^P`"V`'9
M`,P`Q@##`,(`PP`#V@$#]`#:`0+C``39`0+.`-D!WP#:`0/.`-@!`O\`T@`"
MV`'C`-D!^P`"V`'9`,P`Q@##`,(`PP`"V@'T``/:`0/C``/9`03.`-D!WP`"
MV0$"S@#8`0+_`-(``M@!XP#9`?L``M@!V0#,`,8`PP#"`,,`V@$"]``"V@'E
M`-H!S@#9`=\``]H!S@#8`0+_`-(``M@!XP#9`?L``M@!V0#,`,8`PP#"`,(`
M`]H!`_0`V@$"Y0#:`0+-`-D!X`#:`<X`V`$"_P#2``+8`>,`V0'[``+8`=D`
MS`#&`,,`P@#"``+9`03T``/:`>8``MD!`LT`V0'@``+9`0+-`-@!`O\`T@`"
MV`'C`-D!^P`"V`'9`,P`Q@##`,(`P@#:`0+T``+9`03F``+:`<T`V0'@``/9
M`0+-`-@!`O\`T@`"V`'C`-D!^P`"V`'9`,P`Q@##`,(```/:`0+T`-H!`N8`
M`]H!S0#9`>$`V0$$S0#8`03M`N0``M@!XP#9`>T"`\T``M@!V0#,`,8`PP#"
M```"V@$"]`#:`0+G`-H!S0#9`>$`V@'-`/\!QP'D``+8`>,`_P''`0+-``+8
M`=D`S`#&`,,`P@```MH!]0#:`>@`V@$#S`#9`>$``MD!S0#_`<<!Y``"V`'C
M`/\!QP$"S0`"V`'9`,P`Q@##`,(```+:`?4`V@'H`-H!`LP`V0'A``+9`<T`
M_P''`>0``M@!XP#_`<<!`LT``M@!V0#,`,8`PP#"```"V@'U`-D!!.@`V@$"
MS`#9`>$``MD!`LP`_P''`>0``M@!XP#_`<<!`LT``M@!V0#,`,8`PP#"```"
MV0$$]0#9`0+H``39`0+,`-D!X@#9`0+,`/\!QP'D``+8`>,`_P''`0+-``+8
M`=D`S`#&`,,`P@```MD!`O4`V0$"Z``"V0$"S`#9`>(`V0$"S`#_`<<!Y``"
MV`'C`/\!QP$"S0`"V`'9`,P`Q@##`,(``-H!`O0``MD!`N@``MD!`LP`V0'B
M`-D!`LP`_P''`>0``M@!XP#_`<<!`LT``M@!V0#,`,8`PP#"``#:`0+T``+9
M`0+H``+9`0+,`-D!X@#9`0+,`/\!QP'D``+8`>,`_P''`0+-``+8`=D`S`#&
M`,,`P@``V@'U``+9`0+H``+9`0+,`-D!X@#9`0+,`/\!QP'D``+8`>,`_P''
M`0+-``+8`=D`S`#&`,,`P@``V@$#]``"V@'H``+9`0+,`-D!X@#9`0+,`/\!
MQP'D``+8`>,`_P''`0+-``+8`=D`S`#&`,,`P@``!-D!`O0``]H!Z``"V0$"
MS`#9`>(`V0$"S`#_`<<!Y``"V`'C`/\!QP$"S0`"V`'9`,P`Q@##`,(```+9
M`0+U`-H!Z``"V0$"S`#9`>$``MD!`LP`_P''`>0``M@!XP#_`<<!`LT``M@!
MV0#,`,8`PP#"```"V0$"]0#:`>@``MD!`LP`V0'A``+9`0+,`-@!!.T"Y``"
MV`'C`-D![0(#S0`"V`'9`,P`Q@##`,(```+9`0+U`-H!Z``"V0$"S`#9`>$`
M`MD!`LP`V`$"_P#2``+8`>,`V0'[``+8`=D`S`#&`,,`P@```MH!]0#:`0+G
M``+9`0+,`-D!X0`$V0'-`-@!`O\`T@`"V`'C`-D!^P`"V`'9`,P`Q@##`,(`
M``+:`?4`V@$"YP#:`<T`V0'A`-H!S0#8`0+_`-(``M@!XP#9`?L``M@!V0#,
M`,8`PP#"```"V@$#]`#:`0+G`-H!S0#9`>$`V@'-`-@!`O\`T@`"V`'C`-D!
M^P`"V`'9`,P`Q@##`,(`P@#:`0+T``39`0+F``/:`<T`V0'A`-H!S0#8`0+_
M`-(``M@!XP#9`?L``M@!V0#,`,8`PP#"`,(`!-D!`O0``MH!Y@`"V0$$S0#9
M`>```MD!`LT`V`$"_P#2``+8`>,`V0'[``+8`=D`S`#&`,,`P@#"``+:`?4`
MV@'F`-H!`LT`V0'@``39`0+-`-@!`O\`T@`"V`'C`-D!^P`"V`'9`,P`Q@##
M`,(`PP#:`0+T``39`0/D``/:`0/-`-D!X`#:`<X`V`$"_P#2``+8`>,`V0'[
M``+8`=D`S`#&`,,`P@##``39`03T``+9`0+D``+:`<X`V0'?``+:`<X`V`$"
M_P#2``+8`>,`V0'[``+8`=D`S`#&`,,`P@##``+:`?4`V0$$Y`#:`0+.`-D!
MWP`$V0$$S@#9`?\`T@`"V`'C`-D!^P`"V`'9`,P`Q@##`,(`Q`#:`03T`-H!
M`^(``]H!`\X`V0'>``/:`0+.`-D!_P#2``+8`>,`V0$"^@`"V`$"V`#,`,8`
MPP#"`,0`!-H!`_,``MD!!.(`!-H!SP#9`=X`!-H!SP`"V`'_`-(``M@!XP`"
MV`$"^@`"V`$"V`#,`,8`PP#"`,0``]L!\P`#V@$#X0#:`0+/`-D!W0`#V@$"
MSP`"V`$"_P#1``+8`>,``M@!`OH``M@!`M@`S`#&`,,`P@#%``3:`0+S``+9
M`03@``+:`=``V0'=``3:`=```M@!`O\`T0`"V`'C``+8`0+Z``+8`0+8`,P`
MQ@##`,(`Q0`#VP$#\P#:`0+?`-H!`M``V0'<``3:`0+0``+8`03_`-$``M@!
MXP`"V`$$^@`"V`$$V`#,`,8`PP#"`,8`!-L!`_(``MH!`]T`!-D!!-$`V0';
M``3;`=$``]D!`_\`T``"V`'C``/9`0/Y``/9`038`,P`Q@##``#&``/<`0/R
M``39`03<``/:`0/1`-D!V0`#!-L!`M(`V0$$_P#0``+8`>0`V0$$^@#:`0/7
M`,P`Q@##``#'``3<`00#\``#V@$"V@`#V@$$T@#9`=@``MP!!-,`V@$$_P#/
M``+8`>0`V@$$^0`"V@$#UP#+`,8`PP``QP`#W@$"\``$V@$$`]<``ML!`](`
MV0'6``+>`=0``MH!`@/_`,T``M@!Y``"V@$"`_<``MH!!`/6`,L`Q@##``#(
M``/>`03"`NT``]P!`]0``P3;`0+3`-D!TP`"!-\!`]0``MP!!`/_`,L``M@!
MY``"W`$$`_8`W`$$`]4`RP#%`,,``,D``^(!!-X"`\P``]T!`M```@3<`034
M`-D!T0+B`0+5``/>`03G`@/A``+8`>0``]X!!.<"`\T`!-T!!-4"R@+%`L,"
M`\H`!/\!`0+-``/>`00#R@`#`M\!`]0`_P',`037``3_`<8!`N$``M@!Y0`$
M_P'&`0+-``/D`=(!R0'$`<(!`LL`!/\!`LX``^$!!,4"X@$#U0#_`<L!!-@`
M`_\!Q@$"X0`"V`'E``/_`<8!`LX`!.,!T@')`<0!P@$"S`#_`0+/``/_`<@!
M`]8`_P'*`03:``3_`<4!`N$``M@!Y@`$_P'%`0+.``/C`=(!R0'$`<(!`LT`
M!/T!`M```_\!Q@$#UP#_`<D!!-L``O\!Q0$"X0`"V`'F``+_`<4!`L\`XP'2
M`<D!Q`'"`0+.``+\`0+1``+_`<,!!-D`_P'(`03=``3_`<0!`N$``M@!YP`$
M_P'$`0+/``/C`=$!R0'$`<(!`L\``_L!`M(``_\!`0+:`/\!QP$$WP`$_P'#
M`0+A``+8`>@`!/\!PP$"T``"X@'1`<D!Q`'"`0+1``3Y`0+3``/]`00#VP#_
M`<8!`^$`!/\!P@$"X0`"V`'I``3_`<(!`M$`!.(!T0'(`<0!P@$"T@`"^`$"
MU0`"^@$"W0#_`<0!`N,``P3_`0$"X0`"V`'I``,$_P$!`M$``P3A`=$!R`'$
M`<(!`M0``O8!`M<`!/8!!`/>`/\!P@$"YP`"_P$"X0`"V`'K``+_`0+3``+A
M`=`!R`'$`<(!`M8``O0!`MD``O(!!`/@`/\!`NH``_X!`N$``M@![``#_@$"
MU``#X`'0`<@!Q`'"`0+8``+R`0+;``($[0$"`^(`_`$$`NX``P3[`0+A``+8
M`>X``P3[`0+6``,$WP'/`<@!Q`$!`ML`P@+N`0+=``,$Z0$"Y0#X`00"`_,`
M`P3Y`0+A``+8`?```P3Y`0+9``+>`<\!QP'$`0$"WP`"!.H!`M\``\("X@$$
M`@/G`/0!!`(#^@`#`@3U`0+A``+8`?,``P($]0$"W``"!-P!S@''`<,!`0+E
M`.8"`^0`P@($V0'"`NP`[P+_`/\`W@`#V`+_`/\`X@#1`,@`Q`#"``#_`/4`
M`\4"R@$$Q`(#_P#_`/\`_P#_`/\`[@#7`,L`Q@##```,____`$"(>*#`N-#@
M.'"@````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
M````````````````````````````````````````````````````````````
D````````````````````````````````````````````````
`
end


-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to