| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] NAT Issue
Hello,
I've trouble with NAT, it works just in one direction. This is the
scenario:
Behind the Firewall resides a routable Network. Now I've added a new
Subnet to this
network which is hidden class. The routing between the routable internal
network and
the hidden class network is done by a sun. Routing at all works fine. I
could reach from
the firewall a hidden machine and I can reach the firewall from the
hidden machine.
(Just added a route to the firewall which adds the route to the sun
router for the
hidden net and the sun router defaults to the firewall). Now I want to
add NAT, so that
one of the hidden machines could reach the internet and the internet
could reach the hidden
machine. This should be done by static NAT.
I added a static arp entry for the valid IP with the hidden MAC.
I added the object with real IP and static NAT to the valid IP.
I added two rules with the object.
(BTW I changed spoofing also to get things to work)
1.) hidden any any ...
2.) any hidden any
Any connection from the hidden machine to the outside works great (Just
the way it should).
But if I try to reach the machine from the outside I can't connect.
I.e. Outside traffics works, inside not.
I'v tried to track down the problem with snoop.
I could verify that the outside packets reach the firewall. I even could
verify that these
packets reach the sun router, but the don't reach the hidden machine.
Have I missed something on the firewall or does the problem belong to
the sun router, cause
the packets reachs the sun router. For both cases, any clue ?
TIA, Dirk.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
