[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] NAT problems cont.
Hello, I still can't get this simple NAT working. FYI, I've been stuck with this firewall until the main guy gets back, and of course I don't have access to his manuals etc in his locked office... ok: 1. both network cards on the Firewall-1 have the same MAC address; is this normal? (running Solaris 2.6 on an Ultra 2) 2. I keep getting this in /var/adm/messages: Jan 8 11:14:17 hercules unix: FW-1: only 25 internal hosts allowed Jan 8 11:14:17 hercules unix: FW-1: No valid license Jan 8 11:14:17 hercules unix: FW-1: only 25 internal hosts allowed Jan 8 11:14:17 hercules unix: FW-1: License okay Jan 8 11:14:17 hercules unix: FW-1: initialized on hme2 (2) Jan 8 11:14:17 hercules unix: FW-1: only 25 internal hosts allowed One of the techs here says it's always been ok, but somehow I think this might be causing problems? 3. After I setup the NAT exactly as specified in the docs (and how some kind people on the list have told me), and I try to reach the external IP from an internal address, I get this: ICMP Host redirect from gateway hercules (192.168.9.20) to mail (192.168.9.34) for .com (valid external IP) ICMP Host Unreachable from gateway mail (192.168.9.34) I should be able to ping through the NAT, right? The redirect tells me that the manual static route I put in as per the docs is working, but why won't it send the packet back to the mail server? Also, are there any docs on setting up a split-DNS on Firewall-1? Can I do it? Thanks! ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|