|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] StoneBeat HA and static NAT
Hi, While the above method should work, a better way to add routes is to use the $SBHOME/etc/routes file. This way, if there is an error, you'll see it with stonebeat's GUI (in the route configuration window). however, you still need the arp commands in postonline.sh. Did you try both your route and arp commands from the prompt while the fw was online? --- Robert MacDonald <[email protected]> a écrit : > > Cajt, > > What is the netmask? By default, the addressing your using > is a Class B network. If so, then the two addresses your > using are on the same network. > > Assuming (ack!) you have a Sun box, you could setup the > /etc/netmasks with the following: > > 172.20.0.0 255.255.255.0 > > This would subnet the default 172.20.x.x into 256 networks. > > The other thing is, make sure that the ARP MAC address > your using is the system that's handling the proxy ARP for > you. IOW, the address you used below should be that of > the firewall external interface(if that's where your proxying at). > > You can verify these things by looking at your ARP and > routing tables. > > arp -a #show ARP table - will work for *NIX and NT > netstat -rn #show routing table - will work for *NIX and NT > > Also, make sure that your NAT entries are correct. > > Clear as mud? > > Robert > > - - > Robert P. MacDonald, Network Engineer > Team Lead, e-Business Infrastructure > G o r d o n F o o d S e r v i c e > Voice:email: [email protected] > > >>> "Pag" <[email protected]> 12/14/00 7:06:45 AM >>> > > > >Hi all, > >I need your help. > > > >We are now testing FW-1 (version 4.1 SP2) StoneBeat HA (version 3.1.5, > not > >StoneBeat Full Cluster) and have problem with static NAT. > >We change postonline.sh - to add following: > >route add visible_external_address hidden_address 1 (route add > >172.20.201.100 172.20.200.100 1) > >arp -s visible_external_address MAC_sb_shared pub (arp -s 172.20.201.100 > >00:c0:bb:cc:dd pub) > >And doesn't function! > >Who know about setup static NAT with StoneBeat HA and FW1? > >Please... > >Thanks a lot > > > > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ___________________________________________________________ Do You Yahoo!? -- Pour dialoguer en direct avec vos amis, Yahoo! Messenger : http://fr.messenger.yahoo.com ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
