NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Question



I would suspect the following is happening. The Packet to 200.x is external
so it is routed out to the firewall.
The firewall translates the packet into 192.168.1.5 and routes is back with
the original source address of 192.168.1.5.
'Alfa' Receives the packet with it's own source address and reply's (without
ever using the wire).
The response it recieves is not expected as part of any know request as it
is expecting a response from 200.x. Hence it fails. The problem here is that
the internal server never know that it is 200.x.
For internal communications you will want to use the 'Real' address and for
external you would need the NAT address, This may require using split DNS
and having 1 entry for the outside and one for the inside.

Hope this answers your question.

Russell Goodwin

-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: 30 October 2000 17:56
To: [email protected]
Subject: [FW1] Question



I have a workstation Alfa with IP address 192.168.1.5, and in the Nat rule
have Static at 200.16.154.5.

If I wanna ping internally from Alfa 192.168.1.5 works fine (Alfa to Alfa
from private address), but if I wanna ping from that host 200.16.154.5 the
ping never respond (Alfa to Alfa).

Anybody knows whats matter with the icmp packet?

Regards,

Matias



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.