[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] NAT Problem in CP-Firewall
Do you have IP spoofing protection? Did you put your NATed hosts into allowed IPs on inside NIC? Regards, Iztok > -----Original Message----- > From: Jey Baskar [mailto:[email protected]] > Sent: Monday, January 15, 2001 10:28 AM > To: [email protected]; [email protected]; > [email protected] > Subject: RE: [FW1] NAT Problem in CP-Firewall > > > > > I did follow the suggestion of adding the arp entry and the > route but I am still struck up the same problem. > > After adding the following entries > 1. arp -s 205.148.243.3 <mac address of the external firewall> > 2. route add 205.148.243.3 10.1.3.5 > > it doesn't seems working. I also added the next hop inside > the firewall too !! > > Thanks for your time and suggestion > Jey! > > > >>> Mustetab Ali Khan <[email protected]> 01/14/01 10:08AM >>> > > Dear BASKAR, > > You also need to add an arp entry for the natted address ... > > arp - 205.148.243.3 <mac address of the firewall external card> > > in addition u need to add a route as follows > route add 205.148.243.3 <10.x.x.x> ip of the firewall internal card > > -Mustetab > Network Security Engineer > HCL Comnet Systems & Services > > -----Original Message----- > From: ITN (Bipin Mehta) > To: 'Jey Baskar'; [email protected] > Sent: 01/14/2001 6:25 PM > Subject: RE: [FW1] NAT Problem in CP-Firewall > > You need to add a static route on your firewall for the translated > address (205.148.243.3)to the next hop inside the firewall or to the > internal ethernet port because before translation the firewall does > internal routing. > > > > > -----Original Message----- > From: Jey Baskar [ mailto:[email protected] > <mailto:[email protected]> > ] > Sent: Saturday, January 13, 2001 1:02 AM > To: [email protected] > Subject: [FW1] NAT Problem in CP-Firewall > > > > Hello, > > We have installed Checkpoint Firewall-1 in our environment. I > am facing > a problem of unable to PING to the NATted address. > > > 10.1.3.15 205.148.243.2 205.148.243.1 > HOSTA ------- FIREWALL -------- ROUTER ---------- INTERNET > > > I have a hostA 10.1.3.15 which is on the internal network. It can ping > to the Firewall [205.148.243.2] and to the router [205.148.243.1] > > without any problems. > > On the Firewall I have static Address Translation for the > 10.1.3.15 and > set it as 205.148.243.3 > > The problem is I can PING to the firewall [205.148.243.2] successfully > from the internal and external network but CANNOT ping to the static > address [205.148.243.3] either from the internal nor from the external > network. Even from the Firewall server, I CANNOT ping to the NATed > address [205.148.243.3] > > I have set the NAT and rules properly. > > Any help to fix this problem will be greatly appreciated! > > Thanks > Jey > > > > ============================================================== > ========== > ======== > To unsubscribe from this mailing list, please see the > instructions > at > http://www.checkpoint.com/services/mailing.html > <http://www.checkpoint.com/services/mailing.html> > ============================================================== > ========== > ======== > > > > ============================================================== > ================== > To unsubscribe from this mailing list, please see the > instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ================== > > > > ============================================================== > ================== > To unsubscribe from this mailing list, please see the > instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ================== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|