[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] fwxlconf not un-NAT'ing addresses
On Tue, 28 Nov 2000 [email protected] wrote: > Kirk, > > I hope this isn't too basic, but did you re-compile the rules after the > change? > I've made this mistake myself, so now I always keep it in mind when I do > NAT changes. Good luck. Ugh. Yep, that was it. Thanx much Harley... - Kirk > > Kirk Vogelsang <[email protected]> on 11/28/2000 01:31:56 PM > > To: [email protected] > cc: (bcc: Harley S. Sanders/BAIS/BAReston) > > Subject: [FW1] fwxlconf not un-NAT'ing addresses > > > > > > I'm having some trouble trying to un-NAT some addresses on > FW-1 4.0 Solaris using fwxlconf. > > The addresses in question are: > > 10.10.30.65 > 10.10.100.34 > 10.10.100.35 > > Those addresses were getting translated before. Now, I'd like > for them to stay as is without xlation. > > Here's what my xlate.conf looks like (with bogus IP's): > > fwx_translation={ > <0, 10.10.102.2, 10.10.102.254, FWXT_DST_STATIC, 172.16.37.2, 0>, > <1, 10.10.103.2, 10.10.103.254, FWXT_DST_STATIC, 172.16.38.2, 0>, > <2, 172.16.37.2, 172.16.37.254, FWXT_SRC_STATIC, 10.10.102.2, 0>, > <3, 172.16.38.2, 172.16.38.254, FWXT_SRC_STATIC, 10.10.103.2, 0>, > <4, 10.10.30.65, 10.10.30.65, FWXT_SRC_STATIC, 10.10.30.65, 0>, > <5, 10.10.100.34, 10.10.100.34, FWXT_SRC_STATIC, 10.10.100.34, 0>, > <6, 10.10.100.35, 10.10.100.35, FWXT_SRC_STATIC, 10.10.100.35, 0>, > <7, 10.10.2.0, 10.10.9.32, FWXT_HIDE, 10.10.11.11, 0>, > <8, 10.10.9.34, 10.10.11.10, FWXT_HIDE, 10.10.11.11, 0>, > <9, 10.10.11.12, 10.10.30.4, FWXT_HIDE, 10.10.11.11, 0>, > <10, 10.10.30.6, 10.10.30.8, FWXT_HIDE, 10.10.11.11, 0>, > <11, 10.10.30.10, 10.10.30.19, FWXT_HIDE, 10.10.11.11, 0>, > <12, 10.10.30.21, 10.10.30.54, FWXT_HIDE, 10.10.11.11, 0>, > <13, 10.10.30.56, 10.10.30.56, FWXT_HIDE, 10.10.11.11, 0>, > <14, 10.10.30.58, 10.10.30.70, FWXT_HIDE, 10.10.11.11, 0>, > <15, 10.10.30.72, 10.10.30.129, FWXT_HIDE, 10.10.11.11, 0>, > <16, 10.10.30.130, 10.10.30.130, FWXT_HIDE, 10.10.9.50, 0>, > <17, 10.10.30.131, 10.10.101.255, FWXT_HIDE, 10.10.11.11, 0>, > <18, 10.10.105.3, 10.10.148.255, FWXT_HIDE, 10.10.11.11, 0> > }; > > The old xlate.conf was identical, minus #'s 4, 5 and 6. > I've also tried punching holes in the ranges to exclude the 3 addresses > above, rather than using the SRC_STATIC, but that didn't work either. > > After making the changes, I've fwstop'd and fwstart'd and even > rebooted the firewall, but no deal. They still get NAT'd to > 10.10.11.11. > > I've never had this much trouble before. Anyone have any ideas > as to what I might be missing? > > ----- > Kirk M. Vogelsang <[email protected]> > Northeastern University College of Computer Science > > > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ > > > > > > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ > ----- Kirk M. Vogelsang <[email protected]> Northeastern University College of Computer Science ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|