[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] local.arp changes still not picked up
I think the documentation is wrong. If I am not mistaken it is actually IP then MAC. -----Original Message----- From: Jason Witty [mailto:[email protected]] Sent: Thursday, September 07, 2000 8:24 AM To: Rick Camp Cc: 'Bill McCabe'; [email protected] Subject: Re: [FW1] local.arp changes still not picked up Your local.arp file is backwards. It should be in the format (I thnk the FAQ listed it worng, as I just got this out of the CP books): <MAC ADDR> <IP ADDR> Not the other way around. Change it, reboot, you should be cool. Jason Rick Camp wrote: > > Bill, > > I ran into this problem about a year ago with an NT 4.0 firewall. I am not > sure as to the cause, but I did find a work around. > > We were using a Cisco 2524 router and by clearing the arp tables, it would > then pick up the new information from the local.arp file. I believe the > commands are show arp to look at the table and clear arp to clear it out and > you must be in enable mode on a Cisco router to clear the arp table. Maybe > someone with more router experience can confirm if I am remembering the > correct commands. > > If you can't telnet into your router you could try powering it off and back > on, but I don't know if that will solve the problem, and I don't know if you > are in a situation where you can down your router. > > I hope this helps. > > Rick > > _______________________________________ > Rick Camp > Welsh Consulting > 31 Milk Street, Suite 805 > Boston, MA 02109 >Tel >Fax > [email protected] > www.welsh.com > > -----Original Message----- > From: Bill McCabe [mailto:[email protected]] > Sent: Wednesday, September 06, 2000 10:54 PM > To: [email protected] > Subject: [FW1] local.arp changes still not picked up > > Sadly, the new proxy ARP entries still didn't take after a fwstop/start, > and even a reboot. The old one still works fine. The network objects and > rules are patterned identically to the working one, which was set up > according to the instructions in the Phoneboy FAQ. I clearly must be > missing something, unless it has to do with the limitations of Windows NT > 4.0 Workstation, or the fact that the internal NIC is Token Ring. Any > suggestions or leads would be greatly appreciated. > > Bill > > At 1:16 PM -0400 9/6/00, Bill McCabe wrote: > >Thanks for all the replies. I will bounce the firewall when I get the green > >light from above. I couldn't remember whether I had restarted the FW > >service last June when I added the prior static mapping. Since the Phoneboy > >FAQ says: > > > > > >>In Windows NT, the 'arp' command will not function in this manner. Version > >>2.1c and later of FireWall-1 will do the proxy arps for you. You must > >>create a file called %SystemRoot%\fw\state\local.arp (case matters!), > >>which is formated as follows: > >> > >>translated_ip_address mac_address > >> > >>In the example above, this file would contain: > >> > >>206.99.98.50 08-00-20-76-ea-77 > >> > >>Once you've set this file up, you will need to re-install the current > >>rulebase. > > > > > >I was hesitant to restart it for no reason. I naturally assumed I had made > >an error somewhere. > > > > > >Bill > > > > > > > > > >=========================================================================== > ==== > >= > > To unsubscribe from this mailing list, please see the instructions at > > http://www.checkpoint.com/services/mailing.html > >=========================================================================== > ==== > >= > > ============================================================================ > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|