| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] NAT problems cont.
Hello,
I still can't get this simple NAT working. FYI, I've been stuck with
this firewall until the main guy gets back, and of course I don't
have access to his manuals etc in his locked office...
ok:
1. both network cards on the Firewall-1 have the same MAC address;
is this normal? (running Solaris 2.6 on an Ultra 2)
2. I keep getting this in /var/adm/messages:
Jan 8 11:14:17 hercules unix: FW-1: only 25 internal hosts allowed
Jan 8 11:14:17 hercules unix: FW-1: No valid license
Jan 8 11:14:17 hercules unix: FW-1: only 25 internal hosts allowed
Jan 8 11:14:17 hercules unix: FW-1: License okay
Jan 8 11:14:17 hercules unix: FW-1: initialized on hme2 (2)
Jan 8 11:14:17 hercules unix: FW-1: only 25 internal hosts allowed
One of the techs here says it's always been ok, but somehow I think
this might be causing problems?
3. After I setup the NAT exactly as specified in the docs (and how
some kind people on the list have told me), and I try to reach
the external IP from an internal address, I get this:
ICMP Host redirect from gateway hercules (192.168.9.20)
to mail (192.168.9.34) for .com (valid external IP)
ICMP Host Unreachable from gateway mail (192.168.9.34)
I should be able to ping through the NAT, right? The redirect
tells me that the manual static route I put in as per the docs
is working, but why won't it send the packet back to the mail
server?
Also, are there any docs on setting up a split-DNS on Firewall-1?
Can I do it?
Thanks!
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
