[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] NAT routing problem
Is there an implied rule in your rulebase preventing ICMP ? Click View > Implied Rules. Enable it via policy properties if needed. As long as you've setup local.arp to point 207.34.24.11 to the MAC address of 207.34.24.44, and setup a route add 207.34.24.11 0.0.0.0 172.16.1.11 -p, AND made sure traffic can get back out (ie default gateway on the NATted machine points to the INTERNAL interface on the firewall), you'll be fine ! ----- Original Message ----- From: Trent MacDougall <[email protected]> To: <[email protected]> Sent: 27 March 2001 16:48 Subject: [FW1] NAT routing problem > > I have installed FW1 ver 4.1 Build 41716 [ VPN + DES + STRONG ]. > I have the following: > > internal net 172.16.1.0 > external net 207.34.24.0 > fw 207.34.24.44 / 172.16.1.1 > > host x 172.16.1.11 with NAT 207.34.24.11 > > I have setup the arp table on the firewall like I do on the 4.0 version > and I have also setup the routing. It all seems to work fine on my 4.0 > version, but under 4.1 the fw cannot ping host x (207.34.24.11) > yet there is a route for it. Has anyone seen this before? > -- > Trent MacDougall @ InfoInterActive Inc. > Network Administrator @> [email protected] > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|