[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] limitations with NAT on Windows 2000 and FW1 SP3
All, Below are the instructions I received for how to setup Static NAT on a Windows 2000 FW1 box. I found there seems to be a limitation for how many arp proxies can be cached. I have a batch file that runs fwparp 17 times for 17 different address and it consistenly bombs on the last one and gives me an NT error (1450- Insufficient system resources exist to complete the requested service.) Has anyone seen anything like this? thanks, Please follow these set of actions: 1) Disable the "routing and Remote Access" (To access this service please go to: start -> programs -> Administrative Tools -> Routing and Remote Access -> right click the server and press disable) 2) Reboot the machine 3) Open the registry from command line by running the command "regedit" 4) Go to -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentContralSet\Services\Tcpip\Parameters 5) Change the value to "1" in the Dword key "IPEnableRouter" 6) Restart the machine 7) Now you can run the 'fwparp.exe' utility as follow: 'fwparp static_ip external_fw-1_ip' 8) Start the FireWall-1 machine (fwstart) 9) Install the policy. (Note: On step #7 static_ip is the ip address that you are going to be using. External_fw-1_ip is the firewalls external ip address) (Note that you have to run the 'fwparp.exe' after every Reboot) Scott Moore, MCSE, MCT, MCP+I, CCA Senior Systems Engineer Engineering [email protected] ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|