Hi Rasjeh,
You must make a arp to the NAT IP-address on the firewall like this:
arp -s <NAT IP-address> <firewall's MAC address> pub
Put a metric value in the route add command like 1:
route add 202.0.106.132 172.16.0.9 1
Mvh/Regards
Vu An Nguyen
Tlf/Phone: 22770962
E-mail: [EMAIL PROTECTED]
> -----Original Message-----
> From: Rajesh Bandar [SMTP:[EMAIL PROTECTED]]
> Sent: 6. september 2000 02:47
> To: [EMAIL PROTECTED]
> Subject: [FW1] NAT question
>
>
> Hi,
>
> I have a checkpoint firewall running on a solaris 2.6 machine. I have a
> web
> server running in the internal network (private IP address). Is there
> anyway
> I can allow people on the internet to access the web server. Due to some
> reasons
> I can't put the webserver in DMZ. If I am right I need to do NAT for the
> web
> server host and allow http service.
>
> I tried the following but it didn't work:
>
> 1. I did NAT for the web server (172.16.0.9 translated to 202.0.106.132).
>
> 2. route add 202.0.106.132 172.16.0.9.
>
> 3. ANY-->WEBSERVER--->HTTP---->ACCEPT(firewall rule).
>
> But it doesn't work. I can't even ping 202.0.106.132 from the firewall
> machine.
> Did I make any mistake. Please someone reply as soon as possible.
>
> Thanks,
> Rajesh.
>
>
>
> ==========================================================================
> ======
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ======
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
