Is the traffic making it to the FW? Are you having arp issues? Just a thought.
-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Saliba Sent: Tuesday, July 19, 2005 12:21 AM To: [email protected] Subject: Re: [FW-1] NGX Upgrade Our Current Setup Main Site - Firewall NG FP3 on Windows 2000 Server, SP4 w/ Updates Alt Site - Firewall NG FP3 on Windows 2000 Server, SP4 w/ Updates Goal: to update each firewall to Windows Server 2003, SP1 & CP NGX We have a spare box at Main Site loaded with Windows Server 2003 SP1 & CP NGX We ran the config utility on the CPFP3 to export all settings so we could import on the spare box. We installed CP NGX, imported the config file from FP3, installed temporary licenses until we verified 100% usability. When we boot up the spare box (in the position of the primary firewall at main site), assigned with correct IP information, the site-to-site VPN with Alt Site is working correctly, All Outbound traffic routes through the firewall correctly. We cannot connect to any public resource on our DMZ or remote in through VPN (non-check point). Therefore, no traffic that has to be nat'ed through our firewall is making it through. There is also no DROPS or REJECTS in the firewall logs to help us troubleshoot. Does this help? Charlie Pooja P. wrote: >Charlie, > >You need to give me some more details on the setup,we are not able to get it properly. > Is it Anti-Spoofing Config problem ? > >Regards >Pooja P. > >________________________________ > >From: Mailing list for discussion of Firewall-1 on behalf of Charlie Saliba >Sent: Mon 7/18/2005 10:20 PM >To: [email protected] >Subject: [FW-1] NGX Upgrade > > > > Greetings List > >My collegue has recently installed NGX on a spare box and we just >swapped over the connections. Everything works internally but *nothing* >is getting through the firewall to the inside network. And to aide in >the problems, there is nothing showing up in the logs to aid in >troubleshooting. > >All traffic is going outbound; all traffic on our Site to Site VPN is >working, Internet traffic at the other site is going out it's respective >gateway. > >Does anyone have any clues or know where we could troubleshoot? > >Thanks >charlie > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= > > > >**************** CAUTION - Disclaimer ***************** >This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for the use of the addressee(s). If you are not the intended recipient, please notify the sender by e-mail and delete the original message. Further, you are not to copy, disclose, or distribute this e-mail or its contents to any other person and any such actions are unlawful. This e-mail may contain viruses. Infosys has taken every reasonable precaution to minimize this risk, but is not liable for any damage you may sustain as a result of any virus in this e-mail. You should carry out your own virus checks before opening the e-mail or attachment. Infosys reserves the right to monitor and review the content of all messages sent to or from this e-mail address. Messages sent to or from this e-mail address may be stored on the Infosys e-mail system. >***INFOSYS******** End of Disclaimer ********INFOSYS*** > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= > > > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
