Alex,
I assume that your network object and the associated
static IP aren't really on the same network.
But in this example, you need to add an arp statement
to your firewall. It already knows about the network,
since it's directly attached. If it isn't then you'll need to
add a route statement also.
arp -s hostname ether_addr [temp] [pub]
Hostname can be IP address.
Robert
- -
Robert P. MacDonald, Network Engineer
e-Business Infrastructure
G o r d o n F o o d S e r v i c e
Voice: +1.616.261.7987 email: [EMAIL PROTECTED]
>>> <[EMAIL PROTECTED]> 8/20/00 2:38:40 PM >>>
>Hi,
>
>I have 2 Ethernet cards in the gateway FW-1 (NT Sever 4 SP6):
>a)le0: 50.10.1.1 255.0.0.0
>b)le1: 20.10.1.1 255.0.0.0
>
>I have this network layout:
>a) PC2- 20.11.1.1 255.0.0.0 (gateway 20.10.1.1)
>b) PC5- 50.11.1.1 255.0.0.0 (gateway 50.10.1.1)
>Only PC2-FW1-PC5, no Internet conection, no router in the middle.
>
>I want the PC2 be reached from PC5 as 20.11.1.2 255.0.0.0 (imaginary IP)
>I've just configured the static NAT in the firewall. I'm sure all the security and
>NAT rules are ok.
>From the PC2 I can ping both interfaces (50.10.1.1 and 20.10.1.1) of the gateway, but
>I can't pass
>through the gateway.
>
>Seems to be a routing problem, I tried to configure in the gateway the route and arp
>tables.
>But doesn't work :-(
>
>Would you helpme with some configuration examples in the gateway, routing, arp, etc.?
>
>Thanks.
>
>Alex
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
