Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] NAT problem

To: [email protected]
Subject: Re: [FW1] NAT problem
From: CryptoTech <[email protected]>
Date: Mon, 06 Nov 2000 10:29:41 -0500
Cc: "'Jason Costomiris'" <[email protected]>, [email protected]
References: <[email protected]>
Sender: [email protected]

If you cannot ping to the NAT IP of the FTP server, then the ARPing is not working.
If you are using Winnt, you will need to edit the local.arp file in the $FWDIR\state
directory and create/edit a file local.arp which will contain

<ipaddr><tab><mac-addr-separated-by-dashes>

HTH
CryptoTech

Carlos Infante wrote:

> Hello Jason,
>
> I've typed add -s,... but the problem isn't fixed
> The weird behaviour is that I can ping from the ftp server and with a
> sniffer I see the NATed address.
> Another issue is I can ping to the external IP address of the firewall i.e.
> 202.45.45.3 but I can't ping to the 202.45.45.4 that is the NATed IP address
> of the ftp server. (so the routing is working)
> If I try to make a ftp session in the logview I see the ftp session accepted
> to the valid address but the ftp doesn't work
>
> TIA
>
> Carlos
>
> -----Original Message-----
> From: Jason Costomiris [mailto:[email protected]]
> Sent: lunes, 06 de noviembre de 2000 14:24
> To: Carlos Infante
> Cc: [email protected]
> Subject: Re: [FW1] NAT problem
>
> On Mon, Nov 06, 2000 at 09:56:43AM +0100, Carlos Infante wrote:
> :
> : Hello all,
> : I have a problem with my NAT
> : I'm using a ftp server with a private address 10.x.x.x. because I want the
> : external users grant access to the machine I'm performing NAT with a
> : external IP in the subnet of the external interface of the firewall x.x.x.
> 4
> : for the firewall and x.x.x.5 for the NATed address of the ftp server.
> :
> : I added the next  line in the cache arp  of the firewall module.
> :
> : arp -d <ip NATed of the ftp server> <MAC address of the firewall> pub
>
> There's your problem right there..   You just deleted an arp entry.
> You want arp -s.
>
> Isn't it always the little things that get us? <g>
>
> --
> Jason Costomiris <><           |  Technologist, geek, human.
> jcostom {at} jasons {dot} org  |  http://www.jasons.org/
>           Quidquid latine dictum sit, altum viditur.
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- RE: [FW1] NAT problem
  - From: "Carlos Infante" <[email protected]>

Prev by Date: [FW1] Firewall, FloodGate and Real Time Monitor
Next by Date: [FW1] Checkpoint Licensing Problems
Previous by thread: RE: [FW1] NAT problem
Next by thread: RE: [FW1] NAT problem
Index(es):
- Date
- Thread