I cant see that this should be any problem at all on Linux/Splat, and also dont think it should be any problem to do this on windows.
But you have to configure this with manually nat rules as you say and also manual proxy arp. I'm not very windows friendly... but I guess that if you run "arp" without options you get some examples to configure a static arp entry. Regards, Erik On Wed, 2005-03-30 at 02:09 +0300, Chontzopoulos Dimitris wrote: > Hello gurus of the list, > > I have fresh-installed a brand new NG R55W with AI (distributed installation > -> 1 x Management Server & 2 Firewalls) and I'm facing some problems with > NAT... NG R55W with AI is installed on a Win2K Server with SP4 and all > hotfixes. > > My firewall has 4 interfaces: > > 1 inside my LAN (192.168.241.x/24) -> NET_A > 1 inside a LAN where other firewalls exist (192.168.69.x) -> NET_B > 1 inside a dummy network (172.16.26.0/24) -> NET_C > 1 inside another dummy network (172.16.27.0/24) -> NET_D > > What I'm trying to do is the following: > > Configure a server with NAT from LAN_A to be advertised in all other NETs -> > > SERVER01 is situated on NET_A (192.168.241.100) and I want him advertised > as: > 192.168.69.100 on NET_B > 172.16.26.100 on NET_C > 172.16.27.100 on NET_D > > Can it be done? I have added some static routing entries in the > corresponding firewall that handles all of the above NETs, added Manual > Address Translation rules, but, what a surprise, there are no Proxy Arp > entries for the thing to work... > > Is there a way for it to work? My guess is *YES*, it can work, if you: > > 01. Define 1 Network Object in NET_A (done that) 192.168.241.100 > 02. Define 1 Network Object in NET_B (done that) 192.168.69.100 > 03. Define 1 Network Object in NET_C (done that) 172.16.26.100 > 04. Define 1 Network Object in NET_D (done that) 172.16.27.100 > 05. Add the appropriate static routes (done that) > a. route add -p 192.168.69.100 192.168.241.100 > b. route add -p 172.16.26.100 192.168.241.100 > c. route add -p 172.16.27.100 192.168.241.100 > 06. Configure *STATIC* NAT rules (done that) > 07. Configure Manual Proxy ARP rules (how do I do that?) > > In the past, I used that magic file called "local.arp" with tremendous > success. Is there a way to use it now (remember, it is a distributed > installation)? If so, where should I place the file? > > Thanx and I apologize if I'm asking stupid questions; I've been trying to > accomplish the above (07) for the last 6 hours or so, so ANY - ME - HELP - > LOG, will be greatly appreciated. > > Cheers, > > > Dimitris > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
