what have you done to troubleshoot the issue so far? You should check if proxy arp is configured properly for the nat IP, check the smarview tracker to see if translation is showing up there, finally do a tcpdump if necessary to see what IP is going out the external interface.
Regards, Bill -----Original Message----- From: theG man [mailto:[EMAIL PROTECTED] Sent: Sunday, October 03, 2004 10:23 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] HIDE nat problem to answer your questions, we have more than 10 firewall modules, all of them are working fine and is configured the same, but one of the firewall, has 2 local network, a 10 network and a 192 network, STATIC nat and HIDE nat on 192 is OK, but 10 network Static Nat for servers are OK but HIDE NAT for the network does not work ( for your inof it was working for the last 5 years and stopped working) they are all configured the same, what I think, and I have tried so far, which did not work, 1-A network Object Corrption, which was recreated and did not fix the problem 2- Upgrade all of the FIREWALLS to HFA09, did not fix the problem 3- Uninstalling Checkpoint and reinstalling would be my last try which I think It should fix the problem. thanks for all your comments. sam Ray <[EMAIL PROTECTED]> wrote: What does "one of the firewall has TWO networks, Hide nat on one of them wont work, but static NAT is OK" mean? Can you give an example? Do you mean two internal networks? I've got about 22 behind one gateway with Hide NAT working on all of them. If you're talking about two internal networks, how did you define the topology for the internal interface? It should be a network group object that has the two individual networks in the group. Ray >From: theG man >Reply-To: Mailing list for discussion of Firewall-1 > >To: [EMAIL PROTECTED] >Subject: Re: [FW-1] HIDE nat problem >Date: Sat, 2 Oct 2004 09:25:35 -0700 > >thanks for the info, but no you can't do this and does not work. >Sam G > >"Previtera, Sal" wrote: >Create your own rule on the Address Translation tab....defining the Source, >Destination, Service in the Original Packet and Source, Destination, >Service >on the Translated Packet...on the translated Packet you will tell if you >want to Hide or not. >Regards, >Sal. > >-----Original Message----- >From: theG man [mailto:[EMAIL PROTECTED] >Sent: Thursday, September 30, 2004 9:08 AM >To: [EMAIL PROTECTED] >Subject: [FW-1] HIDE nat problem > >hi erveryone, >we have a distributed enviroment, one MGMT (Win 2K R55 HFA 05)and over 10 >firewall moduel (all NOKIA IPSO 3.7.1, R55 HFA 05), >one of the firewall has TWO networks, Hid nat on one of them wont work, but >static NAT is OK, the HIDE and STATIC nat on the other network is ok. >To fix it, rebooted the firewall, delete the NETWORK object and recreated >did not fix the problem. >Does anyone has any clue? > >thanks >Sam > > > > >--------------------------------- >Do you Yahoo!? >Read only the mail you want - Yahoo! Mail SpamGuard. > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= > > >--------------------------------- >Do you Yahoo!? >vote.yahoo.com - Register online to vote today! > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today - it's FREE! hthttp://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= Please note that: 1. This e-mail may constitute privileged information. If you are not the intended recipient, you have received this confidential email and any attachments transmitted with it in error and you must not disclose, copy, circulate or in any other way use or rely on this information. 2. E-mails to and from the company are monitored for operational reasons and in accordance with lawful business practices. 3. The contents of this email are those of the individual and do not necessarily represent the views of the company. 4. The company does not conclude contracts by email and all negotiations are subject to contract. 5. The company accepts no responsibility once an e-mail and any attachments is sent. http://www.integralis.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
