NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] CP2000 on Win2k / SP3 / local.arp



The only issue with assigning multiple IP addresses to the same NIC is that
Windows can have problems with bindings on the different addresses.  I have
seen installations where services will only bind to one if the addresses on
a NIC and not the others, or it will bind to all the addresses but
one...that kind of thing.  It may be worth a try, but I wouldn't recommend
it for a production server....

my $.02

Steve Schuster, CCSE, CCNA
Midwest ISO
Security Analyst



-----Original Message-----
From: Kim Lohse [mailto:[email protected]]
Sent: Tuesday, January 09, 2001 7:58 AM
To: Firewall-1 Mailing List (E-mail)
Subject: RE: [FW1] CP2000 on Win2k / SP3 / local.arp



How about assigning several IP's to the same NIC directly in the network
configuration under 2000 and skipping local.arp all together? Wouldn't that
work? I must admit that I haven't tried it since I've hadn't had the need,
but it would be neat if it worked.
 
Any body tried this or has any comments about why it should or shouldn't
work?

-------------------------------------------- 
Kim S. Lohse, CCSA 
Security & System Administrator 
Sreg.Com A/S 
Ragnagade 7 · DK-2100 Copenhagen · Denmark 
Phone  +45 7015 0111 
Fax    +45 3915 0511 
Direct +45 3915 0541 
Mobile +45 2070 7012 
Web:    http://www.sreg.com 
E-mail: [email protected] 
-------------------------------------------- 
      S M A R T   S A F E T Y 
-------------------------------------------- 
-----Original Message-----
From: Palmer, Kevin [mailto:[email protected]]
Sent: den 19 december 2000 21:23
To: 'Arno Hechenberger'; Firewall-1 Mailing List (E-mail)
Subject: RE: [FW1] CP2000 on Win2k / SP3 / local.arp


Arno,

I just finished reading the release notes for FW-1 v4.1 SP3. The following
is from the "Limitations" section.

3 The local.arp file mechanism for ARP publishing does not
work on Windows 2000 which prevents the static destination
NAT from working. The current workaround is to add a static
route to direct the NATted traffic to the VPN-1/FireWall-1
gateway.

I am assuming that CheckPoint wants users to add a static route to the
Internet access router. The workaround is alright if you have access to the
router in front of your firewall. Most of my customers do not have the
ability to make or request changes to their access routers. Until this issue
is resolved I won't be deploying CP2000 on W2K.
Kevin Palmer 
Network Engineer - MCSE+I, CCSE 
Granite Solutions, Inc. 
P:P:F:http://www.gsite.com 
-----Original Message-----
From: Arno Hechenberger [mailto:[email protected]]
Sent: Monday, December 18, 2000 3:36 PM
To: 'Jon Vandiveer'; FW-1 Mailing List (E-Mail)
Subject: AW: [FW1] CP2000 on Win2k
Importance: High


HI !!!

I've just installed FW-1 on Win2000. It works fine and about 20% faster than
WinNT40 on the same hardware.

... but the FW-1 kernel is ignoring my local.arp for the static and hide NAT
functions !!!!

How to solve this problem ???


-----Ursprüngliche Nachricht-----
Von: [email protected]
[mailto:[email protected]]Im Auftrag von Jon
Vandiveer
Gesendet: Donnerstag, 23. November 2000 18:37
An: [email protected]
Cc: [email protected]
Betreff: [FW1] CP2000 on Win2k


It works, use the setup.exe

there are some limitations though (local.arp) does not work and you have to
turn on IP forwarding..... this is done with a reg hack to win2k

CP will support you on this

Jon


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.