[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] FW-1 Setup
Ben, You have to use the external int of the Firewall for the arp entries as it will respond to the internet on behalf of the NAT'd machine. You also need the static route pointing to the inside. Routing is done before the NAT so you have to point the External address to the inside (real address). As for the IP ranges, I presume these are just plucked out of the air for examples, the reason I hope this is the case as the IP range specified would overlap both sides of the firewall, you could have for example 10.10.10.1-30 outside and 10.10.10.33-62 inside. Also, you will need to put the arp entry in the local.arp file. You cannot make static arp entries persist across reboots on NT. Hope this help to clear things up. Russell Goodwin -----Original Message----- From: Ben Cuthbert [mailto:[email protected]] Sent: 23 October 2000 22:24 To: Firewall Mailing List Subject: [FW1] FW-1 Setup Hi all could some tell me if this firewall setup would work i have a range of ip address lets say 10.10.10.40 to 10.10.10.70 my router that is by my provider is 10.10.10.39 my firewall has 2 interfaces on that faces the router 10.10.10.40 and on that faces local net 10.10.10.41 now my windows machine on the internal network is 10.10.10.45 and what i was trying to do is disable the arp requests on the firewall and add then statically , so i would give my windows machine something like this arp -s 10.10.10.45 and then mac address of the internal interface of the firewall if it did this would it work bec i am have problems trying to get this setup to work ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|