-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi guys,
We are an MSP who is having a weird problem on one of our customer firewalls. Everything was fine with NAT and the way the firewall worked until it was upgraded to NG - what a shock right? The reason for the upgrade was that the customer needs 2 external interfaces. Here is the problem: IP 330 running IPSO 3.5, 25 IP NG FP2 VPN-1 Pro. Static route in place and manual NAT rules. Load balancer tries to make a TFTP connection going out for backup purposes. Connection is accepted. Right after that, we get 2 drops, one that states "Connection contains real IP address of NAT'ed IP" on the data port for the TFTP and the other an ICMP type 3, code 3 with the same message. I have checked the mailing lists, phoneboy, and secure knowledge. Only thing I could find was an old email that was apparently never answered around FW 4.0. Any help would be GREATLY appreciated. Mark William Lane Dipl.-Inform.(FH) Installation & Implementation Manager CCSA/CCSE-2000, CCSA/CCSE-NG SNC Secure Networking Company AG Making the Internet Secure for You! [EMAIL PROTECTED] Tel.: +49 (0)6152-9791-71 Fax: +49 (0)6152-9791-99 www.securenetworking.de PGP Fingerprint: 9B45 52D7 FCBD B0AA 21E0 1223 DEBF 25E8 3321 4EB1 - - - -------------- Diese Nachricht kann vertrauliche Informationen enthalten. Wenn Sie nicht der in der Nachricht enthaltene Empf�nger sind (oder verantwortlich f�r die �berbringung der Nachricht zu dieser Person), sind sie nicht befugt, diese zu kopieren oder einer beliebigen Person zu �berbringen. In diesem Fall l�schen Sie bitte diese Nachricht und informieren Sie den Absender mit Hilfe einer R�ckantwort per Email. Bitte unterrichten Sie uns unverz�glich, wenn Sie oder ihr Arbeitgeber einer �bermittlung von Nachrichten dieser Art mittels Internet nicht zustimmen. �berzeugungen, R�ckschl�sse und andere Informationen, die in dieser Nachricht enthalten sind und nicht zu den offiziellen Gesch�ftsgepflogenheiten unserer Firma geh�ren, werden nicht unterst�tzt und als nie erkl�rt gewertet. - - - -------------- Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply email. Please advise immediately if you or your employer does not consent to Internet email for messages of this kind. Opinions, conclusions and other information in this message that do not relate to the official business of my firm shall be understood as neither given nor endorsed by it. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (MingW32) - WinPT 0.4.0 iEYEARECAAYFAj2kUFwACgkQ3r8l6DMhTrGKxACeNf0NuAwYTNsdbSmFGFvPxEPd 4pkAnRRKLiVIJ+JS1qFRBOBGskJ7f5tq =r5qL -----END PGP SIGNATURE----- ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
