Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Strange NAT issue

To: [email protected]
Subject: [FW1] Strange NAT issue
From: [email protected]
Date: Mon, 12 Mar 2001 15:04:19 -0500
Sender: [email protected]

> I have traffic from the private network that I do not want translated when
> it leaves the firewall, due to a Cisco-to-Cisco VPN we have outside the
> firewall.  I've created a NAT rule that says:
> 
>  SRC            DST          SRvc    SRC        DST        SRVC
> net.172.23.45  net.192.168.1  any     Orig       Orig        Orig
> net.192.168.1  net.172.23.45  any     Orig       Orig        Orig
> 
> When I ping or telnet from the 172 network to the 192 network it fails
> with a timeout.  When I consult the logs I see that the firewall is
> translating the source to:
> 
> 44.172.23.30.
> 
> No matter what system I ping from the firewall translates the source
> address to "44" . [orginal octets].  I've searched and double-checked my
> objects and files to no avail.  All other NAT rules (SRC & DST) work.
> Users can surf the web, etc.
> 
> The firewall is a NOKIA IP330 running Checkpoint Firewall-1 4.1 SP1 (yep,
> I know, I need to upgrade!)
> 
> Any thoughts????
> 
> 
Thanks,
Mike Morabito
Frontway - [email protected]

>  


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] DSL connection , VPN and Firewall-1
Next by Date: [FW1] Can HTTP on unknown ports be blocked?
Previous by thread: [FW1] DSL connection , VPN and Firewall-1
Next by thread: [FW1] Can HTTP on unknown ports be blocked?
Index(es):
- Date
- Thread