Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] SIMPLE QUESTION

To: [email protected]
Subject: [FW1] SIMPLE QUESTION
From: [email protected]
Date: Wed, 02 May 2001 19:23:15 +0430 (GMT+04:30)
Sender: [email protected]

I have installed fw1-41 (standalone) on my Sun 
ultra OE Solaris8, which all went well. 
My fw1 has two nic, one hme0 and one lane0 where the 
hme0 is connected to my internal net with private 
ip-addresses and my lane0 card is connected to the 
external network.

Here I want to protect my internal net and also do
a hiding NAT where I use the public ip-address
from lane0 to route the packets on the external net.

It is here my problems start, how I try to configure
my firewall it doesn't seem to happen anything with
the packets. For example I try to ping a computer
on my external net from my internal it does not
translate the address.

I think that is the most simplest configuration and 
should not be any problems.




In network object I have configured:
internal-net	(internal, broadcast allowed, automatic
		 NAT and hide)
external-net	(external, broadcast allowed)
firewall	(internal, gateway, 2 nic, vpn&fw-1 
		 modules)

This generates my NAT Standard, which seems to be ok.


In my Security policy standard rule no.1 says:
source:		internal-net
destination: 	external-net
service:	any
action:		accept
install on:	all
time:		any


That is my first basic configuration which I
want to test.


Other things to know:

I have enabled fw-1 in startup. In boot or when I 
run /opt/CPfw1-41/fwstart it says
"fetching security policy from local host failed"


When I run /opt/CPfw1-41/fwpolicy it says
"
Wind/U Warning (270): Individual setting of locale environment 
variables unsupported (LC_CTYPE); set LANG instead.
Wind/U Warning (270): Individual setting of locale environment 
variables unsupported (LC_NUMERIC); set LANG instead.
Wind/U Warning (270): Individual setting of locale environment 
variables unsupported (LC_TIME); set LANG instead.
OLE API Function CoCreateGuid is not currently implemented.  
Further warnings will be suppressed
"

Last thing, my .profile in root is
FWDIR=/opt/CPfw1-41; export FWDIR
PATH=$PATH:$FWDIR/bin:/usr/local/bin:/usr/sbin; export PATH
MANPATH=/usr/man:$FWDIR/man:/usr/local/man; export MANPATH


I hope I have described my situation and configuration
enough and hope that maybe anyone can advice me 
what to do. 

thanks a lot.
Andreas Olsson




-------------- End Forwarded Message --------------


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] DNS requests making it through the firewall !
Next by Date: [FW1] gfb: fw1 management station not logging
Previous by thread: Re: [FW1] CVP and relaying
Next by thread: [FW1] SIMPLE QUESTION
Index(es):
- Date
- Thread