NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] SecuRemonte NAT Pool

Title: RE: [FW1] SecuRemonte NAT Pool
You need to edit the local.arp
so your firewall can route correctly
eg.  10.1.1.230 AA-BB-CC-DD-EE-FF
       [internal IP in NAT pool] [Internal NIC]
-----Original Message-----
From: [email protected] [mailto:[email protected]]On Behalf Of Gibson, Brian
Sent: Thursday, January 04, 2001 7:37 PM
To: 'sp ch'; [email protected]
Subject: RE: [FW1] SecuRemonte NAT Pool

If you use addresses that are on the local network of the firewall you will need to set up proxy arps.  My recommendation is for you to use non-routable addresses(RFC 1918) that are routed to the firewall either by explicit route or by the default route.

> -----Original Message-----
> From: sp ch [mailto:[email protected]]
> Sent: Sunday, December 31, 2000 2:37 AM
> To: [email protected]
> Subject: [FW1] SecuRemonte NAT Pool
>
>
>
> In the test environment, I've tried using an "IP
> Range"
> object as the NAT pool and it just dont work!
> IKE negotiation is ok and user was authenticated but I
> just can map my drive (NT). Doing a TCP dump, I found
> that the destination is doing  arp and looking for
> whoever that owns the source IP (from the IP Pool) and
> there was no answer from anybody!
>
> I tried using a "Network" instead for the NAT IP Pool
> and well... it worked! (Still fumbling with the FTP
> connections but I guessed that could be easily solved)
>
> Any comments???  :-)
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Photos - Share your holiday photos online!
> http://photos.yahoo.com/
>
>
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>



***********************************************************************
Gruntal & Co., L.L.C.'s e-mail system is for business purposes only.
Messages are not confidential. All e-mail may be reviewed by
authorized supervisors, compliance or internal audit personnel.
E-mail will be archived for at least three years and may be produced
to regulatory agencies or others with a legal right to access such
information. Gruntal will not accept trade order instructions via
e-mail. Please telephone your Account Executive to place trade orders.

Gruntal & Co., L.L.C.
***********************************************************************


  
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.