Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] local.arp changes still not picked up

To: [email protected], [email protected]
Subject: RE: [FW1] local.arp changes still not picked up
From: [email protected]
Date: Thu, 7 Sep 2000 11:07:59 -0400
Cc: [email protected], [email protected]
Sender: [email protected]

It is IP, then MAC. 

Remember, it will not work unless you have a NAT rule in place.

Thomas Poole

-----Original Message-----
From: Jason Witty [mailto:[email protected]]
Sent: Thursday, September 07, 2000 10:24 AM
To: Rick Camp
Cc: 'Bill McCabe'; [email protected]
Subject: Re: [FW1] local.arp changes still not picked up



Your local.arp file is backwards.  It should be in the format (I thnk
the FAQ listed it worng, as I just got this out of the CP books):

<MAC ADDR>	<IP ADDR>

Not the other way around.  Change it, reboot, you should be cool.

Jason


Rick Camp wrote:
> 
> Bill,
> 
> I ran into this problem about a year ago with an NT 4.0 firewall.  I am
not
> sure as to the cause, but I did find a work around.
> 
> We were using a Cisco 2524 router and by clearing the arp tables, it would
> then pick up the new information from the local.arp file.  I believe the
> commands are show arp to look at the table and clear arp to clear it out
and
> you must be in enable mode on a Cisco router to clear the arp table.
Maybe
> someone with more router experience can confirm if I am remembering the
> correct commands.
> 
> If you can't telnet into your router you could try powering it off and
back
> on, but I don't know if that will solve the problem, and I don't know if
you
> are in a situation where you can down your router.
> 
> I hope this helps.
> 
> Rick
> 
> _______________________________________
> Rick Camp
> Welsh Consulting
> 31 Milk Street, Suite 805
> Boston, MA 02109
>Tel
>Fax
> [email protected]
> www.welsh.com
> 
> -----Original Message-----
> From: Bill McCabe [mailto:[email protected]]
> Sent: Wednesday, September 06, 2000 10:54 PM
> To: [email protected]
> Subject: [FW1] local.arp changes still not picked up
> 
> Sadly, the new proxy ARP entries still didn't take after a fwstop/start,
> and even a reboot. The old one still works fine. The network objects and
> rules are patterned identically to the working one, which was set up
> according to the instructions in the Phoneboy FAQ. I clearly must be
> missing something, unless it has to do with the limitations of Windows NT
> 4.0 Workstation, or the fact that the internal NIC is Token Ring. Any
> suggestions or leads would be greatly appreciated.
> 
> Bill
> 
> At 1:16 PM -0400 9/6/00, Bill McCabe wrote:
> >Thanks for all the replies. I will bounce the firewall when I get the
green
> >light from above. I couldn't remember whether I had restarted the FW
> >service last June when I added the prior static mapping. Since the
Phoneboy
> >FAQ says:
> >
> >
> >>In Windows NT, the 'arp' command will not function in this manner.
Version
> >>2.1c and later of FireWall-1 will do the proxy arps for you. You must
> >>create a file called %SystemRoot%\fw\state\local.arp (case matters!),
> >>which is formated as follows:
> >>
> >>translated_ip_address    mac_address
> >>
> >>In the example above, this file would contain:
> >>
> >>206.99.98.50    08-00-20-76-ea-77
> >>
> >>Once you've set this file up, you will need to re-install the current
> >>rulebase.
> >
> >
> >I was hesitant to restart it for no reason. I naturally assumed I had
made
> >an error somewhere.
> >
> >
> >Bill
> >
> >
> >
> >
>
>===========================================================================
> ====
> >=
> >     To unsubscribe from this mailing list, please see the instructions
at
> >               http://www.checkpoint.com/services/mailing.html
>
>===========================================================================
> ====
> >=
> 
>
============================================================================
> ====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
> ====
> 
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] local.arp changes still not picked up
Next by Date: RE: [FW1] local.arp changes still not picked up
Previous by thread: RE: [FW1] local.arp changes still not picked up
Next by thread: RE: [FW1] local.arp changes still not picked up
Index(es):
- Date
- Thread