[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] NT Routing Problems
Hello all. I am trying to get my first Firewall One Box up and running and into production and have run into some problems. Unfortunately I am stuck with getting this to work on NT, our budget constrained us from using a Nokia box which would have been my preference. What appears to be happening is that packets are not being forwarded between my internal and external interfaces. After fairly extensive troubleshooting I narrowed this down to it being an NT problem and not a Firewall-1 problem as I can duplicate the behaviour exactly whether FW-1 is installed or not. I may be missing something very basic here as I'm new to this arena but any help offered would be greatly appreciated. Here's the skinny, we initially need to get this firewall set up without using NAT due to some processes that need to be tested before it is implemented. Additionally, to avoid too many X factors I want to get the firewall implemented in as secure but as simple a fashion as possible to start. Here's an example of what my current layout is: Internet --- Router --- External IF --- Internal IF --- LAN Device IP Address Subnet Mask Gateway Router 38.164.193.1 255.255.255.0 External IF 38.164.193.3 255.255.255.0 38.164.193.1 Internal IF 38.164.193.4 255.255.255.0 None LAN 38.164.192.0 255.255.255.0 38.164.192.4 After checking and rechecking details it seems as if I did configure things properly but my gut tells me I'm missing something basic. I can ping the Internal IF from the LAN but can't pass traffic past that card. From the NT Box I can ping both internal cards the Router and machines out on the Internet. Allow IP forwarding is checked in IP properties in NT. If I put the Internal IF and the Workstations on the LAN onto a different network, say 10.10.10.0/24 the NT box will pass the traffic, but I'm not at a stage where I can rework our entire Network and implement NAT all at the same time. Any thoughts? Am I being dumb here or am I just missing some basic understanding of how routing works. Any help would be greatly appreciated. This mailing list has certainly helped greatly in getting me at least to this point. Thanks again. Geoff ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|