[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Error with win2000 coming packets
Javiere, I am basing the following on the assumption that your servers are a part of your internal net, and not in a DMZ (since you only have 2 NIC's as you say). Take heed tho, that it is not advisabel to have servers that are accessable from the outside, as a part of your regular network. You need to do the following : In order for the servers to be seen by the internet, they must have IP addresses that are seen from the internet. You need to define a WS object which contains the internall address of the server on your internal network, and then under the NAT window, the real IP address of that server as seen by the Internet. eg : Intenal-IP 172.18.10.10 NAT-IP 192.115.197.1 You then need to define what can be done oposit each one, say HTTP and HTTPS to the Web server, FTP and FTP-DATA to the FTP server and so on (All this on the rules for access to these servers from the internet). eg : OUTSIDE Web-Server-Inside HTTP/HTTPS ALLOW LOG-LONG You then need to define a route on your WIN2K server so that any data ariving to the outside legal addresses, will be sent to the correct server on the inside. eg : route add -p 192.115.197.1 172.18.10.10 Of course, the whole idea being protection, there is more that can be done and I'm sure others will advise on this as well. Hope this helps. Mike > -----Original Message----- > From: [email protected] [SMTP:[email protected]] > Sent: ä îøõ 29 2001 11:50 > To: [email protected] > Subject: [FW1] Error with win2000 coming packets > > > Hi everybody: > > I've got a probably beginner error. Is the next: > I installed my FW-1 in a Windows 2000 Server without problems, then I > apply the wizard for configuring it. The first step was successful, > everybody could go out through the FW-1. But we have a Web Server a FTP > Server and a Mail Server that must be approachable from Internet. I used > the correct wizard, but I can't access to the servers. The FW-1 have two > net cards one of them in the localnet and the other in Internet. What can > be happen? > > Thanks in advance > > > Regards Javier Chordá > > > > ========================================================================== > ====== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ========================================================================== > ====== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|