----- Original Message -----
Sent: Friday, September 22, 2000 2:52
PM
Subject: [FW1] NAT and DMZ
routing
Hi there,
I am having a problem with the DMZ setup that I am trying
to implement and I hope to borrow some of everyone's expertise to help me
solve this.
I have a FW-1 4.1 sp2 running on a Winnt 4.0 sp5 box. It
has 3 interfaces:
External: Routable
Address
Internal: 192.168.0.1 (255.255.255.0)
(Hide NAT to the external address of the firewall)
DMZ: 172.16.0.1 (255.255.0.0)
I have a web server in the DMZ (172.16.0.5) and it's NATed
to a static routable address.
I can hit the web
server from both the firewall itself and the internal network but I cannot
access it from the internet.
The ruleset is any any any accept and I don't see any
drops or rejects in the logs at all. I've turned on every scrap of logging
I could find. I've created an entry in the local.arp file (translated
address to external MAC of the firewall) and added a persistent static
route from the translated address to the internal address for the web
server.
Is there something that I'm totally missing?
All help is greatly appreciated!
Rob Michayluk
Computing Network
Services
ACD Systems Ltd.
[email protected]