----- Original Message -----
Sent: Friday, September 22, 2000 2:52
PM
Subject: [FW1] NAT and DMZ
routing
Hi there,
I am having a problem with the DMZ setup that I am trying to
implement and I hope to borrow some of everyone's expertise to help me solve
this.
I have a FW-1 4.1 sp2 running on a Winnt 4.0 sp5 box. It has
3 interfaces:
External: Routable Address
Internal: 192.168.0.1 (255.255.255.0) (Hide NAT to the
external address of the firewall)
DMZ: 172.16.0.1
(255.255.0.0)
I have a web server in the DMZ (172.16.0.5) and it's NATed
to a static routable address.
I can hit the web
server from both the firewall itself and the internal network but I cannot
access it from the internet.
The ruleset is any any any accept and I don't see any drops
or rejects in the logs at all. I've turned on every scrap of logging I could
find. I've created an entry in the local.arp file (translated address to
external MAC of the firewall) and added a persistent static route from the
translated address to the internal address for the web server.
Is there something that I'm totally missing?
All help is greatly appreciated!
Rob Michayluk
Computing Network
Services
ACD Systems Ltd.
[email protected]