[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] NAT problem
If you cannot ping to the NAT IP of the FTP server, then the ARPing is not working. If you are using Winnt, you will need to edit the local.arp file in the $FWDIR\state directory and create/edit a file local.arp which will contain <ipaddr><tab><mac-addr-separated-by-dashes> HTH CryptoTech Carlos Infante wrote: > Hello Jason, > > I've typed add -s,... but the problem isn't fixed > The weird behaviour is that I can ping from the ftp server and with a > sniffer I see the NATed address. > Another issue is I can ping to the external IP address of the firewall i.e. > 202.45.45.3 but I can't ping to the 202.45.45.4 that is the NATed IP address > of the ftp server. (so the routing is working) > If I try to make a ftp session in the logview I see the ftp session accepted > to the valid address but the ftp doesn't work > > TIA > > Carlos > > -----Original Message----- > From: Jason Costomiris [mailto:[email protected]] > Sent: lunes, 06 de noviembre de 2000 14:24 > To: Carlos Infante > Cc: [email protected] > Subject: Re: [FW1] NAT problem > > On Mon, Nov 06, 2000 at 09:56:43AM +0100, Carlos Infante wrote: > : > : Hello all, > : I have a problem with my NAT > : I'm using a ftp server with a private address 10.x.x.x. because I want the > : external users grant access to the machine I'm performing NAT with a > : external IP in the subnet of the external interface of the firewall x.x.x. > 4 > : for the firewall and x.x.x.5 for the NATed address of the ftp server. > : > : I added the next line in the cache arp of the firewall module. > : > : arp -d <ip NATed of the ftp server> <MAC address of the firewall> pub > > There's your problem right there.. You just deleted an arp entry. > You want arp -s. > > Isn't it always the little things that get us? <g> > > -- > Jason Costomiris <>< | Technologist, geek, human. > jcostom {at} jasons {dot} org | http://www.jasons.org/ > Quidquid latine dictum sit, altum viditur. > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|