[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Problem with Static NAT in a lab environment
Hi all, I am testing static NAT between two firewalls. fw.madrid.cp and fw.rome.cp Set up is as follows Each firewall has a web server sitting behind it on a private network. I have created all the correct objects on each firewall and everything works as expected untill Static NAT rules are applied. In the workstation properties for each web server object, I click on NAT tab and put in VIP address for the webserver. I also add the VIP address in the NAT tab of partner city webserver. I have checked the corresponding properties on each firewall and they are all correct. The problem is as follows When I connect to the VIP address for www.madrid.cp from fw.rome.cp via http everything works fine and the logs confirm that NAT is configured correctly. When connecting to www.rome.cp from fw.madrid.cp via http the connection fails and is dropped by fw.rome.cp. The logs on fw.rome.cp have the following; the_flags 2 message_info_TCP packet out of state I may be missing something obvious buit any assistance would be most helpful. Thanks Marc Marc Kisner Harrier Group Switchboard: +44 (0)Facsimile: +44 (0)Mobile: +44 (0) 77740 431 598 DDI +44 (0)Email: mailto:[email protected] Web: http://www.harrierzeuros.co.uk Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply email. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, conclusions and other information in this message that do not relate to the official business of my firm shall be understood as neither given nor endorsed by it. ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|