OK, so taking from a similar setup that we have, you need the
following routes on the following devices, assuming you're doing
static and not messing around with actual RIP routing updates with
FW1. Caveat: I'm assuming that your "x.x" are representing *networks*
that you own and are just hiding for lurker security reasons.
On router:
route for 206.43.x.x (this is automatic route due to being connected)
static route for 206.67.x.x pointing at FW1 external 206.43.x.x
address as next hop
On nt firewall box:
kill auto route for connected 206.67.x.x that points at 127.0.0.1
static route for 206.67.x.x pointing at gateway of the 3rd nic
address.
Had to something similar at work with a multiple NIC fw-1 replacement
I'm building.
Bob Billington wrote:
>
> I suspect I have a routing problem, put I am unable to
> isolate where I have the problem, or for that matter
> why I have a problem
>
> The archtitecture is as follows (leaving out the
> 192.168.x.x interface for the moment)..
>
> 206.43.x.x --\
> Internet --- Router --- FW-1 ---- DMZ
> \_____206.67.x.x
>
> Thanks
>
> bob
> --- Jean-Pierre Harvey
> <[EMAIL PROTECTED]> wrote: > Bob,
> >
> > It sounds like a routing issue... is FW-1 running on
> > the NT box? Is the
> > router inside or outside? Your architecture is not
> > clear.
> >
> > Is it:
> >
> > Internet ---- FW-1 ---- Router ---- NT -NAT-
> > 192.168.x.x
> > \____206.67.x.x
> >
> > which seems like a strange setup.... can you do a
> > diagram like the one above
> > the way your network is set up?
> >
> > Regards
> > JP
> >
> > -----Original Message-----
> > From: Bob Billington
> > [mailto:[EMAIL PROTECTED]]
> > Sent: Sunday, August 12, 2001 5:22 PM
> > To: [EMAIL PROTECTED]
> > Subject: [FW1] Routing in NT with 3 nic's
> >
> >
> >
> > Folks,
> >
> > I have an NT 4 (sp 6a) host with three nics. The
> > first has an external IP address (206.43.x.x) and
> > directly connects to our router. The second nic has
> > a
> > 192.168.1.x address with static NAT - this is
> > working!!
> >
> > My problem is - the third nic. This nic has an
> > external IP address (206.67.x.x) and I can not seem
> > to
> > connect to it from the Internet side of the
> > firewall.
> >
> >
> > When I check the routing table, there is an entry
> > for
> > the 206.67.x.x network and has its gateway as the
> > address I have assigned at the firewall. The
> > address
> > of the nic itself has a gateway of 127.0.0.1. I
> > have
> > tried to add a route that points the 206.67.x.x
> > network to the external interface of the firewall,
> > however this was unsuccessful.
> >
> > I have an any any any accept rulebase, and when I
> > ping, I do not get any joy.
> >
> > Is this a routing issue? should I be considering
> > proxy
> > arps's?
> >
> > your help would be much appreciated...
> >
> > thanks
> >
> >
> >
> ____________________________________________________________________________
> > _
> > http://shopping.yahoo.com.au - Father's Day Shopping
> > - Find the perfect gift for your Dad for Father's
> > Day
> >
> >
> >
> ============================================================================
> > ====
> > To unsubscribe from this mailing list, please
> > see the instructions at
> >
> > http://www.checkpoint.com/services/mailing.html
> >
> ============================================================================
> > ====
>
> _____________________________________________________________________________
> http://shopping.yahoo.com.au - Father's Day Shopping
> - Find the perfect gift for your Dad for Father's Day
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
