NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Error with win2000 coming packets



Javiere,

I am basing the following on the assumption that your servers are a part of
your internal net, and not in a DMZ (since you only have 2 NIC's as you
say). Take heed tho, that it is not advisabel to have servers that are
accessable from the outside, as a part of your regular network.

You need to do the following :

In order for the servers to be seen by the internet, they must have IP
addresses that are seen from the internet.

You need to define a WS object which contains the internall address of the
server on your internal network, and then under the NAT window, the real IP
address of that server as seen by the Internet.

eg : Intenal-IP 172.18.10.10          NAT-IP 192.115.197.1

You then need to define what can be done oposit each one, say HTTP and HTTPS
to the Web server, FTP and FTP-DATA to the FTP server and so on (All this on
the rules for access to these servers from the internet).

eg : OUTSIDE     Web-Server-Inside   HTTP/HTTPS     ALLOW    LOG-LONG

You then need to define a route on your WIN2K server so that any data
ariving to the outside legal addresses, will be sent to the correct server
on the inside.

eg :  route add -p 192.115.197.1 172.18.10.10

Of course, the whole idea being protection, there is more that can be done
and I'm sure others will advise on this as well.

Hope this helps.

Mike

> -----Original Message-----
> From:	[email protected] [SMTP:[email protected]]
> Sent:	ä îøõ 29 2001 11:50
> To:	[email protected]
> Subject:	[FW1] Error with win2000 coming packets
> 
> 
> Hi everybody:
>  
> I've got a probably beginner error. Is the next:
> I installed my FW-1 in a Windows 2000 Server without problems, then I
> apply the wizard  for configuring it. The first step was successful,
> everybody could go out through the FW-1. But we have a Web Server a FTP
> Server and a Mail Server that must be  approachable from Internet. I used
> the correct wizard, but I can't access to the servers. The FW-1 have two
> net cards one of them in the localnet and the other in Internet. What can
> be happen?
> 
> Thanks in advance 
> 
> 
> Regards Javier Chordá
> 
> 
> 
> ==========================================================================
> ======
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ======


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.