Hi,
This works, but only for host B (or another host in that subnet) pinging to
host A (it's host A who doesn't know how to deal with packets from net
192.168.8.x, so he sends them to his default gateway..;)
So the only thing you reach by setting the default gateway of host A to the
firewall is that you can't reach host A from the internal network (and you
can't reach the internal network from host A), but you can reach all the
rest (assuming there are no ACLs); otherwise you won't even be able to
access the internet.
regards,
Tom
-----Original Message-----
From: Sukhpreet Singh
To: '[EMAIL PROTECTED]'
Sent: 24-8-00 22:02
Subject: [FW1] multiple subnets behing the gateway
Suppose host B in the diagram below pings host A. A sends its echo-reply
packets to the firewall because that's the default gateway. Firewall drops
the echo reply packet because it does not see a corresponding echo request
packet. Does it work like this? If yes, I know creating a rule that allows
all communications between the internal nets would help things. I ask this
because I think a lot of NetBIOS traffic is being dropped between these
internal nets. Although I suspect the TCP timeouts could be causing some
problems too. I'd appreciate any comments on this. Thanks.
Internet
|
Firewalled Gateway Checkpoint Firewall-1 ver 4.1 SP2
(192.168.2.1/24)
|
A (192.168.2.2/24) Def GW 192.168.2.1
|
(192.168.2.5/24)
Router
(192.168.8.1/24)
|
B(192.168.8.2) Def GW 192.168.8.1
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
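The routing asymmetry discussed in this thread, traced hop by hop as an added example (not code from either poster). Addresses and default gateways come from the diagram; the firewall's own routes are not shown in the thread, so the trace stops when a packet reaches it, and the static route on host A is a hypothetical setting used only for comparison.

```python
import ipaddress

# Addresses and default gateways are taken from the diagram in the thread.
OWNER = {"192.168.2.1": "firewall", "192.168.2.2": "A",
         "192.168.2.5": "router", "192.168.8.1": "router", "192.168.8.2": "B"}

def tables(a_has_route_to_b_net=False):
    """Per-node routing tables as (prefix, gateway); gateway None = on-link."""
    t = {
        "A": [("192.168.2.0/24", None), ("0.0.0.0/0", "192.168.2.1")],
        "B": [("192.168.8.0/24", None), ("0.0.0.0/0", "192.168.8.1")],
        "router": [("192.168.2.0/24", None), ("192.168.8.0/24", None)],
    }
    # The firewall's routes are not in the thread, so it has no table here.
    if a_has_route_to_b_net:  # hypothetical static route on host A
        t["A"].append(("192.168.8.0/24", "192.168.2.5"))
    return t

def next_node(table, dst):
    """Longest-prefix match; returns the node that receives the packet next."""
    dst_ip = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), gw) for p, gw in table
               if dst_ip in ipaddress.ip_network(p)]
    if not matches:
        return None  # no route for this destination
    _, gw = max(matches, key=lambda m: m[0].prefixlen)
    return OWNER[gw if gw else dst]

def path(t, src, dst):
    """Nodes visited by a packet from src to dst, until delivery or an unknown table."""
    hops, node = [OWNER[src]], OWNER[src]
    while node != OWNER[dst] and node in t:
        node = next_node(t[node], dst)
        hops.append(node)
    return hops

def firewall_view(t, a="192.168.2.2", b="192.168.8.2"):
    """Which halves of a B -> A ping exchange reach the firewall."""
    request, reply = path(t, b, a), path(t, a, b)
    return {"request": request, "reply": reply,
            "sees_request": "firewall" in request,
            "sees_reply": "firewall" in reply}

if __name__ == "__main__":
    print(firewall_view(tables()))                           # diagram as posted
    print(firewall_view(tables(a_has_route_to_b_net=True)))  # with assumed route on A
```

With the tables as posted, the firewall receives the echo reply without ever having seen the echo request, which is the situation the question describes.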