Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Dual NAT with FW-1 on NT

To: "Sumit Chopra" <[email protected]>, <[email protected]>
Subject: Re: [FW1] Dual NAT with FW-1 on NT
From: "Tim Holman" <[email protected]>
Date: Tue, 17 Apr 2001 18:11:19 +0100
References: <[email protected]>
Sender: [email protected]

What are you trying to NAT ?
Your proxy.arp and routes look wrong.
Let's use an example:

External address of FW - 10.0.0.1
Public address of host - 10.0.0.2
Real (inside) address of host - 192.168.10.23

On the FW, setup local.arp as follows:

10.0.0.2 - MAC address of 10.0.0.1

And a route:

route add -p 10.0.0.2 mask 255.255.255.255 192.168.10.23

This enables STATIC NAT to work properly.  Stick with the automatic rules to
start with - they're ample for a basic configuration.

Tim


----- Original Message -----
From: Sumit Chopra <[email protected]>
To: <[email protected]>
Sent: 14 April 2001 21:23
Subject: [FW1] Dual NAT with FW-1 on NT


>
>
> Hi All,
>
> I am having problems with setting up dual NAT on FW-1(4.1) on NT.  My
> network configuration is :
>
> 1. 10.0.0.0 Network(External)
> 2. 192.168.0.0 Network(Internal)
> 3. FW-1 one interface with IP= 10.0.0.1
> 4. FW-1 second interface with IP=192.168.1.1
> 5. Host on 10.0.0.0 network with IP=10.0.0.2 with the default GW=10.0.0.1
> 6. Host on 192.168.0.0 network with IP=192.168.10.23 with the default
> GW=192.168.1.1
>
> The GUI runs on the clients on 10.0.0.0 network on port 2899 and needs to
> connect to the server on port 2900. I have tested single NAT and it works
> fine. But dual NAT does not.
>
> My local.arp file on the FW has an entry
>
> 10.0.0.1 <MAC of 10.0.0.1 interface>
>
> I have added the following persistent route on the FW:
>
> 10.0.0.0  255.255.255.255   192.168.1.1  192.168.1.1 1
>
> which implies al clients on 10.0.0.0 network gets routed to the
192.168.1.1
> interface of the firewall
>
> I am not very clear how to define the NAT rule. Can someone please tell me
> how to define the rule and if there is something else which needs to be
> done.
>
> Thanks a lot!
>
> -Sumit
>
>
>
>
>
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>
>


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Follow-Ups:
- RE: [FW1] Dual NAT with FW-1 on NT
  - From: "Sumit Chopra" <[email protected]>

References:
- [FW1] Dual NAT with FW-1 on NT
  - From: Sumit Chopra <[email protected]>

Prev by Date: [FW1] P.A.T. question.
Next by Date: [FW1] Off Topic: Pls help...
Previous by thread: [FW1] Dual NAT with FW-1 on NT
Next by thread: RE: [FW1] Dual NAT with FW-1 on NT
Index(es):
- Date
- Thread