Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] IP Pool NAT for SR doesn't work for private IPs

To: <[email protected]>
Subject: [FW1] IP Pool NAT for SR doesn't work for private IPs
From: [email protected]
Date: Thu, 26 Apr 2001 17:23:54 +0200
Sender: [email protected]

Hello list,

      I've recently set up a VPN from a  pc behind an ADSL router which is
      doing
      PAT.

      Finally solved problems of NATing with udp-encapsulation.

      The PC is a W2K Pro with SR v4.1 3DES Build 4174, let's say it's IP
      is
      172.16.1.2

      The Firewall is a SPARC/Solaris 2.6 with FW1 v4.1

      Now the problem is:

      1- If I connect to the inet with a single dial-up and start the vpn
      with a
      public/legal ip on my local interface, everything is working, my
      src-addr
      gets NATed with an address of the IP-pool. I can see the decrypt
      entry
      saying 62.81.27.x is translated to 192.168.1.1.

      2-If I connect to the inet with ADSL connectivity, and I have a
      private addr
      on my ethernet, I can see the decrypt entry in the log saying
      172.16.1.2
      being translated to 192.168.1.2, which is desired. But, in fact,
      packets are
      not being translated.

      I've contacted Checkpoint for this issue and the asked me too add a
      so
      called "noisy rule" to drop all NBT traffic. This doesn't make for
      me, i
      need netbios. It didn't worked indeed.

      So, anyone out there knows what's happening?
      a undocumented bug?
      any idea?

      thanks.

La información incluida en el presente correo electrónico es CONFIDENCIAL,
siendo para el uso exclusivo del destinatario arriba mencionado. Si usted
lee este mensaje y no es el destinatario señalado, el empleado o el agente
responsable de entregar el mensaje al destinatario, o ha recibido esta
comunicación por error, le informamos que está totalmente prohibida
cualquier divulgación, distribución o reproducción de esta comunicación, y
le rogamos que nos lo notifique, nos devuelva el mensaje original a la
dirección arriba mencionada y borre el mensaje.
Gracias.



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Lots of static routes in IPSO
Next by Date: [FW1] Blocking web downloads
Previous by thread: RE: [FW1] Urgent Help
Next by thread: [FW1] Blocking web downloads
Index(es):
- Date
- Thread