[FW1] Nated machines can't access Internet
Am running FW-1 ver. 4.0. Upgrade planned on different server.

Have installed NT on new machine and imported the rulebase and configuration files from the old machine which is currently in use. Have modified the route table on the new machine to match the old machine. Have created the local.arp file. Checked in the configuration GUI that the external interface was pointing to the correct card. On the firewall network object did a get for the interfaces which succeeded. Installed the policies. Have new machine on test network with DNS. Have not tried the upgrade yet.

Firewall can get name resolution, can ping machines on internal network and DMZ by both true IP address and nated address. Internal machines with nated address cannot get name resolution (DNS acting as machine outside firewall), machines internal with hidden address can get resolution. Machine on DMZ with nated address cannot get resolution. External machine cannot get to web server on DMZ.

Have disabled all rules in rule base and added rule any any any allow. Pseudo rules set to allow anything. Turned off IP address spoofing.

What have I missed? Thanks for your help.