[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] local.arp changes still not picked up
Bill, I ran into this problem about a year ago with an NT 4.0 firewall. I am not sure as to the cause, but I did find a work around. We were using a Cisco 2524 router and by clearing the arp tables, it would then pick up the new information from the local.arp file. I believe the commands are show arp to look at the table and clear arp to clear it out and you must be in enable mode on a Cisco router to clear the arp table. Maybe someone with more router experience can confirm if I am remembering the correct commands. If you can't telnet into your router you could try powering it off and back on, but I don't know if that will solve the problem, and I don't know if you are in a situation where you can down your router. I hope this helps. Rick _______________________________________ Rick Camp Welsh Consulting 31 Milk Street, Suite 805 Boston, MA 02109TelFax [email protected] www.welsh.com -----Original Message----- From: Bill McCabe [mailto:[email protected]] Sent: Wednesday, September 06, 2000 10:54 PM To: [email protected] Subject: [FW1] local.arp changes still not picked up Sadly, the new proxy ARP entries still didn't take after a fwstop/start, and even a reboot. The old one still works fine. The network objects and rules are patterned identically to the working one, which was set up according to the instructions in the Phoneboy FAQ. I clearly must be missing something, unless it has to do with the limitations of Windows NT 4.0 Workstation, or the fact that the internal NIC is Token Ring. Any suggestions or leads would be greatly appreciated. Bill At 1:16 PM -0400 9/6/00, Bill McCabe wrote: >Thanks for all the replies. I will bounce the firewall when I get the green >light from above. I couldn't remember whether I had restarted the FW >service last June when I added the prior static mapping. Since the Phoneboy >FAQ says: > > >>In Windows NT, the 'arp' command will not function in this manner. Version >>2.1c and later of FireWall-1 will do the proxy arps for you. You must >>create a file called %SystemRoot%\fw\state\local.arp (case matters!), >>which is formated as follows: >> >>translated_ip_address mac_address >> >>In the example above, this file would contain: >> >>206.99.98.50 08-00-20-76-ea-77 >> >>Once you've set this file up, you will need to re-install the current >>rulebase. > > >I was hesitant to restart it for no reason. I naturally assumed I had made >an error somewhere. > > >Bill > > > > >=========================================================================== ==== >= > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html >=========================================================================== ==== >= ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|