I have done this for FW-1 4.1 on NT4, and it works. It requires one
assumption, however: you must always get the *SAME* IP address from the
DHCP server. If the FW-1 box is always on, this shouldn't be a problem.

1. Set the FW-1 service to start *manually*
2. Create a batch file that loops until you've got an IP address.  You could
redirect the output of 'ipconfig' to a text file, or the output of a 'ping'
of your default gateway. Parse the file until you've got a success.
3. The last line of the batch file should be 'fwstart' or 'net start
fw1svc'

From here, I can think of two ways to get the batch file to run on startup:

1. Put it in the startup group on the start menu and configure the machine
to automatically logon (see the MS knowledgebase)
2. Create a service (use the 'srvany' utility from the resource kit) that
starts automatically and calls the batch file

Works great. I've got a machine that is also running Terminal Services, so
I had to add something else in the batch file to determine if it's running
at the console or running in a remote term services session.

Good luck.

PS - be sure to allow outbound bootp packets from the firewall itself if
you're not allowing all outgoing packets.

Dave Grabowski, CCSE
System Arts, Inc.
(646) 253-9437 [Easy to remember as 6-Hockey-Hero]
[EMAIL PROTECTED]
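
A minimal version of the batch file described in steps 2 and 3 above, added here as an illustration and not part of the original message. The address 192.0.2.10, the retry count, the delay and the log path are assumed placeholder values; `fw1svc` is the service name given in the message.

```batch
@echo off
rem Wait for the DHCP lease, then start FW-1 (service set to start manually).
rem EXPECTED_IP is a constructed placeholder: use the address the DHCP
rem server always hands out, since the setup assumes it never changes.
set EXPECTED_IP=192.0.2.10
set MAX_TRIES=60
set TRIES=0

:check
rem find returns errorlevel 0 when the address appears in the ipconfig output.
rem This is a substring match, so it would also accept a longer address
rem with the same prefix (e.g. 192.0.2.100).
ipconfig | find "%EXPECTED_IP%" >nul
if not errorlevel 1 goto start

set /a TRIES=%TRIES%+1
if %TRIES% GEQ %MAX_TRIES% goto giveup

rem No sleep command in a stock install: six loopback pings wait about 5 seconds.
ping -n 6 127.0.0.1 >nul
goto check

:start
echo Lease %EXPECTED_IP% is up, starting FW-1.
net start fw1svc
goto end

:giveup
rem Never start the firewall against an unexpected address; leave a trace instead.
rem The log path is a hypothetical example.
echo No lease for %EXPECTED_IP% after %MAX_TRIES% tries >> C:\fw1-dhcp-wait.log

:end
```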

"Patrick McCann" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]kpoint.com
07/02/2001 07:08 PM

To: <[EMAIL PROTECTED]>
cc:
Subject: [FW1] FW-1, DHCP and xDSL

I was wondering if anybody has managed to get FW-1 working with a DHCP
lease instead of a static IP address.  I have a site which may be upgraded
to an ADSL cable modem connection which issues the connected FW with a DHCP
Lease.  The FW-1 would then be used to Hide NAT all the internal hosts
behind the Address of the FW.

I know that when you create a Workstation object it needs a static address,
but was wondering if there is a way around this.

Many Thanks

Patrick.




