Is there an implied rule in your rulebase preventing ICMP ?
Click View > Implied Rules.
Enable it via policy properties if needed.
As long as you've setup local.arp to point 207.34.24.11 to the MAC address
of 207.34.24.44, and setup a route add 207.34.24.11 0.0.0.0 172.16.1.11 -p,
AND made sure traffic can get back out (ie default gateway on the NATted
machine points to the INTERNAL interface on the firewall), you'll be fine !
----- Original Message -----
From: Trent MacDougall <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: 27 March 2001 16:48
Subject: [FW1] NAT routing problem
>
> I have installed FW1 ver 4.1 Build 41716 [ VPN + DES + STRONG ].
> I have the following:
>
> internal net 172.16.1.0
> external net 207.34.24.0
> fw 207.34.24.44 / 172.16.1.1
>
> host x 172.16.1.11 with NAT 207.34.24.11
>
> I have setup the arp table on the firewall like I do on the 4.0 version
> and I have also setup the routing. It all seems to work fine on my 4.0
> version, but under 4.1 the fw cannot ping host x (207.34.24.11)
> yet there is a route for it. Has anyone seen this before?
> --
> Trent MacDougall @ InfoInterActive Inc.
> Network Administrator @ 902-832-2651
> [EMAIL PROTECTED]
>
>
>
============================================================================
====
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
