[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] NAT problem
I am using AIX, here is what I did. /usr/sbin/arp -s ether <IP_Address_ext> 00:06:xx:xx:xx:xx pub >>$LOGFILE 2>&1 /usr/sbin/arp -a |grep permanent >>$LOGFILE 2>&1 /usr/sbin/route add <IP_Address_ext> <IP_Address_int> >>$LOGFILE 2>&1 Try doing this: arp -s ether <IP_EXT> AdapterAddress pub route add <IP_EXT> <IP_INT> don't forget the Type which should probably be 'ether' Joe ====================================================================== Joseph Voisin, Systems Administrator, Engel Canada Inc. www.engelmachinery.com | [email protected] |PGP Fingerprint: A20B 135D 0920 074F C7FE D72D 88A7 2521 5138 DFC2 ====================================================================== > -----Original Message----- > From: Carlos Infante [mailto:[email protected]] > Sent: Monday, November 06, 2000 10:30 AM > To: 'Jason Costomiris' > Cc: [email protected] > Subject: RE: [FW1] NAT problem > > > > Hello Jason, > > I've typed add -s,... but the problem isn't fixed > The weird behaviour is that I can ping from the ftp server and with a > sniffer I see the NATed address. > Another issue is I can ping to the external IP address of the > firewall i.e. > 202.45.45.3 but I can't ping to the 202.45.45.4 that is the > NATed IP address > of the ftp server. (so the routing is working) > If I try to make a ftp session in the logview I see the ftp > session accepted > to the valid address but the ftp doesn't work > > TIA > > Carlos > > -----Original Message----- > From: Jason Costomiris [mailto:[email protected]] > Sent: lunes, 06 de noviembre de 2000 14:24 > To: Carlos Infante > Cc: [email protected] > Subject: Re: [FW1] NAT problem > > > On Mon, Nov 06, 2000 at 09:56:43AM +0100, Carlos Infante wrote: > : > : Hello all, > : I have a problem with my NAT > : I'm using a ftp server with a private address 10.x.x.x. > because I want the > : external users grant access to the machine I'm performing NAT with a > : external IP in the subnet of the external interface of the > firewall x.x.x. > 4 > : for the firewall and x.x.x.5 for the NATed address of the > ftp server. > : > : I added the next line in the cache arp of the firewall module. > : > : arp -d <ip NATed of the ftp server> <MAC address of the > firewall> pub > > There's your problem right there.. You just deleted an arp entry. > You want arp -s. > > Isn't it always the little things that get us? <g> > > -- > Jason Costomiris <>< | Technologist, geek, human. > jcostom {at} jasons {dot} org | http://www.jasons.org/ > Quidquid latine dictum sit, altum viditur. > > > > ============================================================== > ================== > To unsubscribe from this mailing list, please see the > instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ================== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|