RE: [FW1] New to FW-1 need help

Fri, 02 Feb 2001 08:33:32 -0800 



You need to have the FW interfaces on separate subnets or it wont work.  

I've tried something similar to that for testing.... and just to see if I
could trick it into working and never had much luck.

Hopefully you can consolidate the stuff that needs to be behing the FW to a
smaller subnet and isolate it.... so you can still use public IPs but split
your subnet into two or more ...

Good luck...

> -----Original Message-----
> From: Francisco Rebelo [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 02, 2001 7:58 AM
> To: [EMAIL PROTECTED]
> Subject: [FW1] New to FW-1 need help
> 
> 
> 
> Here's a synopsis:
> 
>       Software:  CheckPoint Firewall-1 v.4.1 for Solaris
>       Hardware:  Sun Sparc 220R
>       Problem:  Firewall doesn't work
> 
> I'm new to firewalls and am learning as I go.  I installed 
> firewall-1 and
> configured everything I could find (the documentation really 
> bytes).  The
> sparc I am using has the onboard Ethernet which is hme0 and a quadfast
> Ethernet card (4 ports, qfe0 - 3).  Here is my problem, 
> everything boots
> fine no errors or anything.  But when I try to traverse the 
> firewall to hit
> my router the packets go through the internal interface but never exit
> through the external.  I created the external.if file and 
> blew away the
> fwd.h & .hosts files but no luck.  I also am not using NAT, 
> the powers that
> be here insist on using published IP's as there internal 
> IP's. I'm not sure
> if this is a config problem or a routing problem being that 
> the firewall
> (both NICs and internal side of router) are in the same 
> subnet as the rest
> of the network.  Does anyone else have this sort of config or 
> can shed any
> insight on what I need to do.
> 
> Thanks,
> 
> Cisco Rebelo
> Network Manager
> Millbrook Incorporated
> 
> 
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the 
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
> 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to