Hello. I have a situation I need to fix. I have a Nokia IP650 with
multiple ethernet ports. One port has been numbered with a public address
(x.x.x.8) and some of the others are meant to be gateways for private
subnets. For example:
fw1[admin]# netstat -rn
Routing tables
IPv4:
Destination Gateway Flags Refs Use Netif Expire
default x.x.x.1 CU 0 0
0.0.0.0 CU 0 0
10.3.14/23 CGUX 0 0 eth-s1p4
10.3.14.0 10.3.14.0 CGU 0 0 eth-s1p4
10.3.14.1 10.3.14.1 CGU 0 0 eth-s1p4
10.3.14.14 0:50:8b:d9:74:28 CGU 0 0 eth-s1p4
10.3.15.255 10.3.15.255 CGU 0 0 eth-s1p4
x.x.x/24 CGUX 0 0 eth-s1
x.x.x.0 x.x.x.0 CGU 0 0 eth-s1
x.x.x.1 0:2:16:b0:e6:0 CGU 0 0 eth-s1
x.x.x.3 8:0:20:d1:63:e CGU 0 0 eth-s1
x.x.x.6 0:c0:95:e3:d9:17 CGU 0 0 eth-s1
x.x.x.7 0:c0:95:e4:5:58 CGU 0 0 eth-s1
x.x.x.8 x.x.x.8 CGU 0 0 eth-s1
x.x.x.100 0:50:8b:9d:74:28 CGU 0 0 eth-s1
x.x.x5.255 x.x.x.255 CGU 0 0 eth-s1
127/8 BCU 0 0
127.0.0.1 127.0.0.1 CG 0 0
224/4 RCU 0 0
224.0.0.1 CDU 0 0
224.0.0.2 CDU 0 0
224.0.0.5 CDU 0 0
224.0.0.6 CDU 0 0
224.0.0.18 CDU 0 0
240/4 BCU 0 0
255.255.255.255 RCGU 0 0
I'm trying to use NAT with CP FW-1 v4.1 sp2 and IPSO 3.2.1 to get from the
outside world to the x.x.x.100 address which is a static NAT for 10.3.14.14.
I permanently published the MAC address within Voyager as I did on my
Solaris version. Unfortunately, I can not even ping the NAT public address
from an external network and nothing shows up in the FW log when I
temporarily log ALL ALL ALL LONG. Also, a machine on 10.3.10.0/23 can not
reach a machine on 10.1.14.0/23, even when CP isn't running.
Thoughts to help me get my Nokia to be a proper router before as well as
having CP NAT correctly.
Much thanks.
Chris
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
