|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] fw1 issues on redhat linux 6.1
Hey everyone, I would just like to share my experience with fw1 on linux 6.1. The kernel compilation I mentioned below doesn't have anything to do with my own issue. But it is recommended to only use 2.2.x kernels. Anyways, I'll experiment about the behavior of fw1 on 2.4 kernels. I was able to solve my problem with the MAC address. You won't get any error when you "arp -s 192.168.0.102 <MAC-ADDRESS or PHYSICAL ADDRESS>". But I found out that it was incomplelet when I just made arp. So I experimented on all options of arp then finally ended with the properly working parameters: arp -v -H ether -s 192.168.0.102 <MAC-ADDRESS or PHYSICAL ADDRESS> pub Notice the pub, it's very important because it will publish the MAC ADDRESS. The -v is just for verbose. The -H also can be excluded since arp knows what real LAN card you're using. The first arp command I made doesn't publish it that's why I was having problems(see below). Anyways, hope this will help guys out there experimenting on fw-1 for linux. Ronneil Camara Remington Microshare> -----Original Message----- > From: Ronneil Camara > Sent: Wednesday, March 21, 2001 8:50 PM > To: [email protected] > Subject: [FW1] fw1 issues on redhat linux 6.1 > > > > Are there any known issues about fw1 v4.1.2 sp2 running on redhat 6.1, > kernel 2.2.18, with 3 nics? I've been trying for 2 days now > but the www > server or any server on the dmz is not working. > I already issued the commands below: > > eth0 = 192.168.0.100 = untrusted > eth1 = 192.168.2.1 = dmz > eth2 = 192.168.1.1 = trusted > > www = 192.168.2.30 > > 1. route add -host 192.168.0.102 gw 192.168.2.30 > 2. arp -s 192.168.0.102 <MAC-ADDRESS or PHYSICAL ADDRESS> # > similar with > local.arp in NT > > And I'm sure that I can ping all connected nodes on each interfaces. I > fwstop it first just to check if I can really ping each node. > Then fwstart > it again. But of course, I don't do that often or I should > never really do > that, just for troubleshooting. :-) > > I actually have the same setup but I installed it under > redhat 7.0 and it > was working. > > How about kernel-compilation, what should be present? I could have > accidentally remove an option. But, I still have the original > vmlinuz image, > and fw1 doesn't seem to work also but just on the DMZ side. > About routed, I > guess, I don't need this because I didn't install it in > RH7.0. Btw, I can > browse the internet via the trusted interface from a > workstation. Another > thing, I used Policy Editor's wizard which I used in my > installation in 7.0 > also. And it went like a charm in RH7.0 but not with RH6.1. > > Hmmm, any thing you want to advice that I need to > troubleshoot, or any file > which I should take a look which could possibly be causing > the problem? > > .-------------------------------------------------------. > o^o | Ronneil Camara, | [email protected] | > /V\ |--------------------| +| > // \\ | "The only way to `----------------------------------| > /( )\ | stop a hacker is to think like one." | > ^^-^^ | ...brilliant misguided youth | > `-------------------------------------------------------' > > > > ============================================================== > ================== > To unsubscribe from this mailing list, please see the > instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ================== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
