Re: RE: [FW1] routing problem?

Wed, 26 Jul 2000 06:48:21 -0700 


check your logs for packets dropped on rule 0
to resolve the problem with accessing it from the internet, you need to create an 
object for the valid addresses and add it to the valid address group for spoof 
tracking.  once this has been resolved, you could be faced with another related 
problem.  the webserver not accessible from its domain name from the internal net.  
use internal dns or access it by its internal private address.

Dan Snyder

>>> "Wentzel, James (ITD)" <[EMAIL PROTECTED]> 07/24 4:21 PM >>>

Have you entered anything into the arp table on the firewall for the valid
IP address wit the mac address of the firewalls external interface?  Have
you added a host route into the firewall routing table pointing the legal
address to the next hop for the internal address?

Jim Wentzel


 -----Original Message-----
From:   mis [mailto:[EMAIL PROTECTED]] 
Sent:   Monday, July 24, 2000 3:11 PM
To:     [EMAIL PROTECTED] 
Subject:        [FW1] routing problem?


Can anybody tell what I am missing here?

localnet ----- gateway ------- router ------ internet
(10.0.1.*)        |
                      |
                webserver (10.0.2.2)

i used static nat my webserver (10.0.2.2) to a valid IP (x.x.x.1)
I can brower the Internet on the webserver using its translated valid IP

but i cannot connect to the webserver using its valid IP from the localnet,
or from the Internet, why?





============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html 
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html 
================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to