RE: [FW1] NAT problem?

Wed, 20 Jun 2001 15:52:11 -0700

Title: RE: [FW1] NAT problem?
With FW-1, you must remember that you actually need to add the arp entry to the local.arp file, instead of just to the OS.....  The route is as below.
 
James. 
 
 -----Original Message-----
From: Shah, Nishith [mailto:[EMAIL PROTECTED]]
Sent: 18 June 2001 17:21
To: 'Murat Tora'; Fw-1-Mailinglist (E-mail)
Cc: '[EMAIL PROTECTED]'
Subject: RE: [FW1] NAT problem?


Your  firewall does not know how to route to the NATTED box.
You also need to add arp entry on your firewall that points to the linux box.
Something like this

arp -s public_IP  mach_address(of the linux box)
route add host Public_IP Private_IP 1

----- Original Message -----
From: "Bilgehan turan" <[EMAIL PROTECTED]>
To: "Fw-1-Mailinglist (E-mail)"
<[EMAIL PROTECTED]>
Sent: Friday, June 15, 2001 2:50 PM
Subject: [FW1] NAT problem?


>
> Hi
> I want to put a linux box behind checkpoint FW-1 4.1 (running on NT box)
by
> NAT of course.
> I can ping to outside from linux but I could not ping from outside from my
> linux.
> When I look online logs (when pinging from outside), dropped or accepted
> packets were not displayed in logs.
> But when pinging from inside to an outside machine , icmps were displayed.
> I configure the NAT the same as an NT box which works fine for NAT in our
> policies.
> In interfaces tab, I add eth0 (which is the linux ethernet interface name)
> and its internal address.
> and in NAT tab, its real ip was inserted as static.
> Everthing looks fine , but not works.Something wrong with my NAT.
> I also add a rule that any source to any service to my linux box is
accepted
> and I restrat FW services.
> Have an idea ?
>
> thanks in advance
>
>
> Bilgehan TURAN
> System and Network Administrator
> Ph    : +90 312 2354441
> Mob : +90 532 4209266
>
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to