RE: [FW1] Routing with NT

Mon, 03 Jul 2000 06:58:25 -0700 


You shouldn't have to add static routes unless you have other subnets or
networks that the firewall is not directly connected and you want to route
traffic to.

Here is the command....

route add -p <network> MASK <mask> <gateway>

The -p makes the route persistent across reboots.  If you are simply trying
to ping interfaces on the NT server from internal or external nodes and you
have IP routing enabled I would look elsewhere for your problem.  Are you
allowing ICMP traffic through FW.  Stop the FW service and make sure you
don't have the "Control IP forwarding" option turned on.  Then try ping the
external interface from an internal node.  If you have success look at your
FW configuration instead of NT.

-----Original Message-----
From: Alexander Nelson [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 03, 2000 10:26 PM
To: [EMAIL PROTECTED]
Subject: [FW1] Routing with NT



I have been tasked to rebuild the firewall at our office due to a problem 
with windows nt.

I am comfortable with firewall-1 not so much with windows nt.

I have a dual homed machine - one internal NIC (192.168.x.x address) and an 
external NIC
(205.x.x.x address). The external NIC has a default gateway set to our 
internet
connected router, and the internal NIC has no gateway set (per my fw-1 
readings).
I also have IP routing enabled in the TCP/IP settings.

Through my external NIC I am able to ping the router, and our ISP's DNS 
servers and
through the internal NIC I am able to ping other machines connected to the 
192.168.x.x
network.

My problem is I can not get the internal NIC to route to the external NIC.  
Before
installing the firewall I have tried to ensure I have full IP connectivity -

which I
don't.  From a machine inside the firewall I can't ping the external 
interface of the
firewall - again before installing fw-1


Do I need to add a route to NT's routing table ??  If so, what ??

Shouldn't NT does this for me ?
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to