[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] ICMP problems
Sounds like you need to define NAT. If you have created an object for your Network or an object for your workstation that your trying to ping from. Define the Address Translation by going to Objects propeties tab. choose hide or static. and the ip that your translating to. If its static then you wiil need to add routes as well. If you have any further issues www.phoneboy.com is very helpful. -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[email protected]]On Behalf Of Gordon Webber Sent: Sunday, December 16, 2001 10:54 AM To: [email protected] Subject: [FW-1] ICMP problems Hi, Just a simple one I hope... To simplify the description, lets say I have an FW-1 on a NOKIA with two user interfaces (ethernet) enabled. I have a workstation attached to the lan on each interface and I install a policy with no "clean-up" rule. Instead the last rule is "any any any accept". I have set "ipsofwd on" at the Nokia level. (I thought FW-1 allowed forwarding and tat it was just the Nokia that needed to be forced to allow this ?) And yet I cannot ping from one workstation to the other ! The "Allow ICMP" option in the "Policy properties" only inserts an "any any ICMP accept" rule anyway (?), so my "allow-any" rule should cover that. The routing/default gateway's on the workstations just points to the local interface on each. So what is stopping the ping ??? Any suggestions would be gratefully received ! Cheers, Gordon ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] ================================================= ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] =================================================
|