[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Hide NAT in firewall/stonebeat environment
Hi all, Current setup of Firewall-1 with Stonebeat FullCluster 1.0 is having a NAT problem. It is just a simple setup, with two nodes in a cluster, and three operative segments. In DMZ segment, I have a few servers with private IP doing static NAT in the Firewall-1. Everything has been configured correctly, from the firewall portion to the stonebeat portion (filter.conf). Problem arises when I tried to do a hide NAT for the LAN segment. I have this proxy which needs to do hide NAT (using the external virtual IP), hence in the filter.conf of both nodes, I have added: hide-nat-ip = 10.1.1.x netmask 255.255.255.0 hide-nat = 202.100.1.x When I use the proxy to ping to the Internet, it gets a request time out, and trace route states that it sometime stops at the virtual IP and the physical IP. Are there anything else to be configured in both nodes or router?? Kevin
================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|