You can also add an arp statement to a cisco router, not sure about other brands.
-----Original Message----- From: Lars Troen [mailto:Lars.Troen@;PROXYCOM.NO] Sent: 23 October 2002 12:10 To: [EMAIL PROTECTED] Subject: Re: [FW-1] how to make static NAT in Checkpoint NG FP 3 ? Ario, You have two options: either: 1) Make a static route on your router pointing the public ip of your NATted server to the interface of the firewall: ip route public.ip.of.server 255.255.255.255 public.ip.of.firewall -or- 2) Get fwparp and run it like this: fwparp public.ip.of.server public.ip.of.firewall You must run this command each time you boot your firewall, so I guess I'd stick with option #1. fwparp is a checkpoint utility. Lars > -----Original Message----- > From: ario [mailto:ario@;SIGNET.CO.ID] > Sent: Wednesday, October 23, 2002 11:32 > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] how to make static NAT in Checkpoint NG FP 3 ? > > > Hi Lars, > If I saw arp table in router, I could not find the public IP of my > servers that published with static NAT > so how is the step of procedures to solve this problem??? > Thank you for your help and attention > Regards, > > > Ario > > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:FW-1-MAILINGLIST@;beethoven.us.checkpoint.com]On Behalf Of Lars > Troen > Sent: Wednesday, October 23, 2002 3:29 PM > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] how to make static NAT in Checkpoint NG FP 3 ? > > > Is your arp working? With fp3 fw ctl arp will yeld the expected > results, while the arp entries are not really published. I had to use > fwparp to get > arp working again. To verify this you must view the arp table > of one of your > external devices (a device (usually a router) on the external > nic, must be > on the same lan). > > Lars > > > -----Original Message----- > > From: ario [mailto:ario@;SIGNET.CO.ID] > > Sent: Wednesday, October 23, 2002 05:50 > > To: [EMAIL PROTECTED] > > Subject: Re: [FW-1] how to make static NAT in Checkpoint NG FP 3 ? > > > > > > Suga, > > I have tried to do like what you suggest to me but it still could > > not make static NAT to my servers in my LAN > > If I saw in logviewer my servers have been published and > > could be accessed > > from external segment(internet) but actually my servers, i.e > > web server > > could not be accessed from external segment > > I don't know why??? I really need a help for this > > Thank you for your help and attention > > Regards, > > > > > > Ario > > > > > > > > -----Original Message----- > > From: Mailing list for discussion of Firewall-1 > > [mailto:FW-1-MAILINGLIST@;beethoven.us.checkpoint.com]On Behalf Of > > [EMAIL PROTECTED] > > Sent: Tuesday, October 22, 2002 4:41 PM > > To: [EMAIL PROTECTED] > > Subject: Re: [FW-1] how to make static NAT in Checkpoint NG FP 3 ? > > > > > > Ario, > > > > Procedure between installing and configuring checkpoint NG FP 2 and > > checkpoint NG FP 3 are prity much the same, but they have > > restructured all the objects and groups and Also renamed all the > > standard policy editors and > > logviewer. > > > > Regards > > Suga > > > > > > ----- Original Message ----- > > > > From: ario > > > > Date: Tue, 22 Oct 2002 08:46:32 +0700 > > > > To: [EMAIL PROTECTED] > > > > Subject: Re: [FW-1] how to make static NAT in Checkpoint NG FP 3 ? > > > > > > > > > > > > > Suga, > > > > > > > > > > > > > > Thank you for your help and I'll try to do like what suggest > > > > > > > btw, is there any difference procedure between installing > > and configuring > > > > > > > checkpoint NG FP 2 and checkpoint NG FP 3??? > > > > > > > Thank you for your help and attention > > > Regards, > > > > > > > > > Ario > > > > > > > > > > > > -----Original Message----- > > > From: Mailing list for discussion of Firewall-1 > > > > > > > [mailto:FW-1-MAILINGLIST@;beethoven.us.checkpoint.com]On > > Behalf Of Suga > > > > > > > Sent: Monday, October 21, 2002 6:23 PM > > > > > > > To: [EMAIL PROTECTED] > > > > > > > Subject: Re: [FW-1] how to make static NAT in Checkpoint NG FP 3 ? > > > > > > > > > > > > > > > > > > > > > Ario, > > > > > > > > > > > > > > You need to creat a host node with its real IP > > > > > > > address, on the NAT tab of that object give the > > > > > > > external IP address and also you need to add a rule to > > > > > > > specify host, destination, services etc to allow > > > > > > > access to this host. When all this is done, after > > > > > > > installing the policy on the firewall, try to access > > > > > > > the host. > > > > > > > > > > > > > > If you still have no luck, try to browse out from that > > > > > > > host itself, so that the arp table on the gateway > > > > > > > (router) will be updated for that NATted host. > > > > > > > > > > > > > > Hope this helps. > > > > > > > > > > > > > > Regards > > > > > > > Suga > > > > > > > > > > > > > > > > > > > > > --- ario wrote: > MessageHi, > > > > > > > > > > > > > > > > I'm a beginner and I have installed Checkpoint NG FP > > > > > > > > 3 on Windows 2000 > > > > > > > > Server SP 2 successfully > > > > > > > > I have tried to make hide NAT for my LAN to access > > > > > > > > internet and it can be > > > > > > > > done successfully too > > > > > > > > but when I published my server with static NAT, I > > > > > > > > got the problem in which > > > > > > > > my servers can not be accessed from internet > > > > > > > > Any body can help me to solve that problem ??? > > > > > > > > Actually, what's the > > > > > > > > procedure to make static NAT for the publised > > > > > > > > servers on Checkpoint NG FP 3 > > > > > > > > ??? I really need a help for this... > > > > > > > > Thank you for your help and attention > > > > > > > > > > > > > > > > > > > > > > > > Regards, > > > > > > > > > > > > > > > > Ario > > > > > > > > > > > > > > > > > > > > > __________________________________________________ > > > > > > > Do You Yahoo!? > > > > > > > Everything you'll ever need on one web page > > > > > > > from News and Sport to Email and Music Charts > > > > > > > http://uk.my.yahoo.com > > > > > > > > > > > > > > ================================================= > > > > > > > To set vacation, Out Of Office, or away messages, > > > > > > > send an email to [EMAIL PROTECTED] > > > > > > > in the BODY of the email add: > > > > > > > set fw-1-mailinglist nomail > > > > > > > ================================================= > > > > > > > To unsubscribe from this mailing list, > > > > > > > please see the instructions at > > > > > > > http://www.checkpoint.com/services/mailing.html > > > > > > > ================================================= > > > > > > > If you have any questions on how to change your > > > > > > > subscription options, email > > > > > > > [EMAIL PROTECTED] > > > > > > > ================================================= > > > > > > > > > > > > > > ================================================= > > > > > > > To set vacation, Out Of Office, or away messages, > > > > > > > send an email to [EMAIL PROTECTED] > > > > > > > in the BODY of the email add: > > > > > > > set fw-1-mailinglist nomail > > > > > > > ================================================= > > > > > > > To unsubscribe from this mailing list, > > > > > > > please see the instructions at > > > > > > > http://www.checkpoint.com/services/mailing.html > > > > > > > ================================================= > > > > > > > If you have any questions on how to change your > > > > > > > subscription options, email > > > > > > > [EMAIL PROTECTED] > > > > > > > ================================================= > > > > > > > > > -- > > > > Powered by Outblaze > > > > ================================================= > > To set vacation, Out Of Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your subscription > > options, email [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > > To set vacation, Out Of Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your subscription > > options, email [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ######################################################################## ############# Scanned for Viruses and Content and cleared by the Webvein Mail Gateway ######################################################################## ############# ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
