[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] CP2000 on Win2k / SP3 / local.arp
The only issue with assigning multiple IP addresses to the same NIC is that Windows can have problems with bindings on the different addresses. I have seen installations where services will only bind to one if the addresses on a NIC and not the others, or it will bind to all the addresses but one...that kind of thing. It may be worth a try, but I wouldn't recommend it for a production server.... my $.02 Steve Schuster, CCSE, CCNA Midwest ISO Security Analyst -----Original Message----- From: Kim Lohse [mailto:[email protected]] Sent: Tuesday, January 09, 2001 7:58 AM To: Firewall-1 Mailing List (E-mail) Subject: RE: [FW1] CP2000 on Win2k / SP3 / local.arp How about assigning several IP's to the same NIC directly in the network configuration under 2000 and skipping local.arp all together? Wouldn't that work? I must admit that I haven't tried it since I've hadn't had the need, but it would be neat if it worked. Any body tried this or has any comments about why it should or shouldn't work? -------------------------------------------- Kim S. Lohse, CCSA Security & System Administrator Sreg.Com A/S Ragnagade 7 · DK-2100 Copenhagen · Denmark Phone +45 7015 0111 Fax +45 3915 0511 Direct +45 3915 0541 Mobile +45 2070 7012 Web: http://www.sreg.com E-mail: [email protected] -------------------------------------------- S M A R T S A F E T Y -------------------------------------------- -----Original Message----- From: Palmer, Kevin [mailto:[email protected]] Sent: den 19 december 2000 21:23 To: 'Arno Hechenberger'; Firewall-1 Mailing List (E-mail) Subject: RE: [FW1] CP2000 on Win2k / SP3 / local.arp Arno, I just finished reading the release notes for FW-1 v4.1 SP3. The following is from the "Limitations" section. 3 The local.arp file mechanism for ARP publishing does not work on Windows 2000 which prevents the static destination NAT from working. The current workaround is to add a static route to direct the NATted traffic to the VPN-1/FireWall-1 gateway. I am assuming that CheckPoint wants users to add a static route to the Internet access router. The workaround is alright if you have access to the router in front of your firewall. Most of my customers do not have the ability to make or request changes to their access routers. Until this issue is resolved I won't be deploying CP2000 on W2K. Kevin Palmer Network Engineer - MCSE+I, CCSE Granite Solutions, Inc. P:P:F:http://www.gsite.com -----Original Message----- From: Arno Hechenberger [mailto:[email protected]] Sent: Monday, December 18, 2000 3:36 PM To: 'Jon Vandiveer'; FW-1 Mailing List (E-Mail) Subject: AW: [FW1] CP2000 on Win2k Importance: High HI !!! I've just installed FW-1 on Win2000. It works fine and about 20% faster than WinNT40 on the same hardware. ... but the FW-1 kernel is ignoring my local.arp for the static and hide NAT functions !!!! How to solve this problem ??? -----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]]Im Auftrag von Jon Vandiveer Gesendet: Donnerstag, 23. November 2000 18:37 An: [email protected] Cc: [email protected] Betreff: [FW1] CP2000 on Win2k It works, use the setup.exe there are some limitations though (local.arp) does not work and you have to turn on IP forwarding..... this is done with a reg hack to win2k CP will support you on this Jon ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|