Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] NAT problem

To: "'[email protected]'" <[email protected]>
Subject: RE: [FW1] NAT problem
From: "Joe Voisin (FW1)" <[email protected]>
Date: Mon, 6 Nov 2000 11:16:16 -0500
Sender: [email protected]

I am using AIX, here is what I did.

/usr/sbin/arp -s ether <IP_Address_ext> 00:06:xx:xx:xx:xx pub >>$LOGFILE
2>&1
/usr/sbin/arp -a |grep permanent >>$LOGFILE 2>&1
/usr/sbin/route add <IP_Address_ext> <IP_Address_int> >>$LOGFILE 2>&1

Try doing this:

arp -s ether <IP_EXT> AdapterAddress pub
route add <IP_EXT> <IP_INT>

don't forget the Type which should  probably be 'ether'

Joe

======================================================================
Joseph Voisin, Systems Administrator, Engel Canada Inc. 
www.engelmachinery.com | [email protected] |PGP Fingerprint: A20B 135D 0920 074F C7FE  D72D 88A7 2521 5138 DFC2 
======================================================================



> -----Original Message-----
> From: Carlos Infante [mailto:[email protected]]
> Sent: Monday, November 06, 2000 10:30 AM
> To: 'Jason Costomiris'
> Cc: [email protected]
> Subject: RE: [FW1] NAT problem
> 
> 
> 
> Hello Jason,
> 
> I've typed add -s,... but the problem isn't fixed
> The weird behaviour is that I can ping from the ftp server and with a
> sniffer I see the NATed address.
> Another issue is I can ping to the external IP address of the 
> firewall i.e.
> 202.45.45.3 but I can't ping to the 202.45.45.4 that is the 
> NATed IP address
> of the ftp server. (so the routing is working)
> If I try to make a ftp session in the logview I see the ftp 
> session accepted
> to the valid address but the ftp doesn't work
> 
> TIA
> 
> Carlos
> 
> -----Original Message-----
> From: Jason Costomiris [mailto:[email protected]]
> Sent: lunes, 06 de noviembre de 2000 14:24
> To: Carlos Infante
> Cc: [email protected]
> Subject: Re: [FW1] NAT problem
> 
> 
> On Mon, Nov 06, 2000 at 09:56:43AM +0100, Carlos Infante wrote:
> :
> : Hello all,
> : I have a problem with my NAT
> : I'm using a ftp server with a private address 10.x.x.x. 
> because I want the
> : external users grant access to the machine I'm performing NAT with a
> : external IP in the subnet of the external interface of the 
> firewall x.x.x.
> 4
> : for the firewall and x.x.x.5 for the NATed address of the 
> ftp server.
> :
> : I added the next  line in the cache arp  of the firewall module.
> :
> : arp -d <ip NATed of the ftp server> <MAC address of the 
> firewall> pub
> 
> There's your problem right there..   You just deleted an arp entry.
> You want arp -s.
> 
> Isn't it always the little things that get us? <g>
> 
> --
> Jason Costomiris <><           |  Technologist, geek, human.
> jcostom {at} jasons {dot} org  |  http://www.jasons.org/
>           Quidquid latine dictum sit, altum viditur.
> 
> 
> 
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the 
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
> 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] NT and default-policy
Next by Date: Re: [FW1] NT and default-policy
Previous by thread: Re: [FW1] NAT problem
Next by thread: RE: [FW1] NAT problem
Index(es):
- Date
- Thread