[FW-1] the wrong setting of router ,fw-1 or ipso?

Sat, 16 Feb 2002 04:23:58 -0800 

Hi

I am try to set a fw for my company.The fw-1 is run on Nokia 330 IPSO
3.4.

First I set it in my test environment.
            external if   internal if
HostA-------------------fw-----------------HostB

HostA ip           210.212.40.126/27
external interface 210.212.40.125/27
internal interface 192.168.2.1/26
HostB ip           192.168.2.2/26

static router table set in HostA
192.168.2.0/24  gw 210.212.40.125

static router table set in HostB
210.212.40.96/27  gw 192.168.2.1

The fw works very well.

Then I put it into real internet environmnet.

             external if   interal if
router-------------------fw--------------internal

route ip           210.212.40.126/27
external interface 210.212.40.125/27
internal interface 210.212.40.1/26
internal ip from   210.212.40.2 to 210.212.40.62

static router table in internal hosts
default gw 210.212.40.1

Then from internal side I can  ping 210.212.40.125/26.
and from internet side I can  ping 210.212.40.125/27.(I have set the
static route on Nokia putting the ip of router)

When I try to ping 210.212.40.1/26 from the internet then get
ping error message "TTL expired in transit".

And I got no reply from the internal hosts which try to ping
210.212.40.126/26.(Linux Os)

I thought the reason is the route can not send all the packests from
internet to the interal through 210.212.40.125.But the administrator
said it is my setting error in fw or Nokia because he heard that fw or
Nokia can do it itselt.Now I am confused with the concepts.

Can any one tell me why?Can fw or nokia be the really gateway?
If you have met the problem before,could you tell me how to solve it?

Thanks in advance

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================

Reply via email to