I'm running FW-1 v4.0 SP5 on Solaris 2.6. The firewall is configured with
static address translation to allow clients on our internal network
(firewall interface hme0) to access servers on an external LAN (firewall
interface qfe0). The external LAN is configured with reserved IP addresses
that are not routable on our internal network. When SP5 was installed, users
began having intermittent problems connecting to servers on the external
LAN. I monitored interface qfe0 with snoop while a telnet connection was
attempted from the internal network to server A on the external LAN. I
found that the firewall's ARP broadcasts have server A's internal IP address
in the "Target Protocol Address" field of the ARP packet. (A router on the
external LAN replies to the firewall with its hardware address.)
Why is the firewall putting the wrong IP address in the ARP request? It's
as if the firewall generates the ARP packet before the destination IP
address of the connection request is translated.
--Mike