Check your anti-spoofing to see if it's the culprit. Try setting it to ANY (JUST FOR TESTING ONLY!!!) to see if it starts working. If it does you know where the problem is. Hope it helps. --- simon chan <[EMAIL PROTECTED]> wrote: > Hi fellow cp users, > > we have a nt 4.0 sp6a running checkpoint 2000 sp1. > We intend to host a unix server so that it can be > reached > from the internet. > > We've created a a workstation object e.g. Ux giving > it a > spare private ip > address e.g. a.b.c.d and in the NAT tab, we've > selected > "Static" and give it > a public valid IP e.g. w.x.y.z > > We've created a local.arp file : > > w.x.y.z <tab> 00-00-E2-33-24-CA > > We've also created a permanent route in the NT : > > route add -p w.x.y.z mask 255.255.255.255 a.b.c.d > > We've added the necessary rules : > Any Ux Any Accept > > We've done fwstop and fwstart. > > We were able to access the internet from the Unix > machine > but not from > internet to the unix machine. > > We saw from logviewer that it's rejected by rule 0. > Our Security Policy setting : > *Either Bund > * Accept UDP > * Enable decyption > * Accept VPN-1 fw connection > * Accept ICMP before last > * Accept outgoing packets from GW before last > * log implied rules. > > > What have we done wrong ? > > > tks. > > > rgds, > > Simon > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls
__________________________________________________ Do You Yahoo!? Yahoo! Sports - live college hoops coverage http://sports.yahoo.com/ _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
