Hi again all, After completely rebuilding my SecurePlatform FP3 and rulebase to fix my authentication problems (it DID fix them by the way) I have just gone to test traffic directly passing through the firewall and it appears to not be working if there is a NAT involved.
For web browsing I access a proxy server on my DMZ without NAT and it accesses the Internet without a NAT. This works fine. But when I try FTP or NNTP to a host directly I see the entry in the log accepting the connection, but the applications come back saying connection failed. Just like Mayooran I see the correct TX address in the log as well (my two seperate internal networks are both hiding behind the firewalls external address) but nothing further. Strangely, a traceroute through the firewall works as it should... I am fairly sure I have this setup exactly as I did in FP2 and it worked fine there so is there something extra in FP3 that I need to do? I would be sooo happy to get everything to work on this platform at one time........... Routes are correct including default route on the firewall (otherwise the web proxy wouldn't work either) and antispoofing is setup correctly with the groups of networks on each interface assigned to that interface and the external interface set to "external". The access list on the external router is not to blame either as I have tested with it removed. Does anyone have any ideas of other things I can check? It seems to be a most peculiar problem. thanks in advance, Damien ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
