Rajesh,
You need to add an ARP statement to the fw.
This configuration is a very poor design. You
should never allow direct access to your
internal network from the public world.
I would hope you would reconsider doing this
and explain to who-ever is making decisions
there to also think harder about it.
Robert
(BTW, I see you successfully have your Apache
server running ;)
- -
Robert P. MacDonald, Network Engineer
e-Business Infrastructure
G o r d o n F o o d S e r v i c e
Voice: +1.616.261.7987 email: [EMAIL PROTECTED]
>>> Rajesh Bandar <[EMAIL PROTECTED]> 9/5/00 8:47:19 PM >>>
>
>Hi,
>
>I have a checkpoint firewall running on a solaris 2.6 machine. I have a web
>server running in the internal network (private IP address). Is there anyway
>I can allow people on the internet to access the web server. Due to some reasons
>I can't put the webserver in DMZ. If I am right I need to do NAT for the web
>server host and allow http service.
>
>I tried the following but it didn't work:
>
>1. I did NAT for the web server (172.16.0.9 translated to 202.0.106.132).
>
>2. route add 202.0.106.132 172.16.0.9.
>
>3. ANY-->WEBSERVER--->HTTP---->ACCEPT(firewall rule).
>
>But it doesn't work. I can't even ping 202.0.106.132 from the firewall machine.
>Did I make any mistake. Please someone reply as soon as possible.
>
>Thanks,
>Rajesh.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
