|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] StoneBeat HA and static NAT
Cajt, What is the netmask? By default, the addressing your using is a Class B network. If so, then the two addresses your using are on the same network. Assuming (ack!) you have a Sun box, you could setup the /etc/netmasks with the following: 172.20.0.0 255.255.255.0 This would subnet the default 172.20.x.x into 256 networks. The other thing is, make sure that the ARP MAC address your using is the system that's handling the proxy ARP for you. IOW, the address you used below should be that of the firewall external interface(if that's where your proxying at). You can verify these things by looking at your ARP and routing tables. arp -a #show ARP table - will work for *NIX and NT netstat -rn #show routing table - will work for *NIX and NT Also, make sure that your NAT entries are correct. Clear as mud? Robert - - Robert P. MacDonald, Network Engineer Team Lead, e-Business Infrastructure G o r d o n F o o d S e r v i c e Voice:email: [email protected] >>> "Pag" <[email protected]> 12/14/00 7:06:45 AM >>> > >Hi all, >I need your help. > >We are now testing FW-1 (version 4.1 SP2) StoneBeat HA (version 3.1.5, not >StoneBeat Full Cluster) and have problem with static NAT. >We change postonline.sh - to add following: >route add visible_external_address hidden_address 1 (route add >172.20.201.100 172.20.200.100 1) >arp -s visible_external_address MAC_sb_shared pub (arp -s 172.20.201.100 >00:c0:bb:cc:dd pub) >And doesn't function! >Who know about setup static NAT with StoneBeat HA and FW1? >Please... >Thanks a lot ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
