Hi, I have a problem trying to tftp router configs through a cluster-pair of checkpoint-nokia firewalls. I can Telnet from the inside to the router outside the firewall but get a firewall error message when attempt to tftp the config back through the firewall. This all worked fine on Checkpoint firewall-1 running on NT, but doesn't work using Nokia boxes.
external side: tftp client (router) connected to external lan external lan is vlan-X across two Cisco Cat switches two firewalls with a connection to this external lan (fw1 on sw1 and fw2 on sw2) internal side: tftp server (unix) connected to internal lan internal lan is vlan-Y across same two Cisco Cat switches same two firewalls with a connection to this internal lan (fw1 on sw1 and fw2 on sw2) inter-firewall: a direct x-over cable between the firewall synch interfaces Tftp Client router attempts to tftp its configuration to the TFTP Host The Tftp Client Router sees the Tftp Host as an "external address" with the Checkpoint Firewalls translating this "external address" to the real internal address. This fails with the firewall logging the message "Connection contains real ip of NATed address" Checkpoint Knowledge Base Article SK14613 below seems to describe, but not quite as we have each firewall connected to a different switch for resilience. https://support.checkpoint.com/public/idsearch.jsp?id=sk14613&QueryText=%28% 28real%2C+ip%29%29&resultStart=1 Have raised a fault with Checkpoint but not holding my breath. Any thoughts? regards, Alan ********************************************************************** This e-mail is for use by the addressee only. If the message is received by anyone other than the addressee, please return the message to the sender by replying to it and then delete the message from your computer. Internet e-mail messages are not necessarily secure. Ulster Bank Group/The Royal Bank of Scotland and each of its Group companies does not accept responsibility for changes made to this message after it was sent. ********************************************************************** Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71971&t=71971 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]