Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Web server in DMZ

To: "Stevens, George \(Aerostructures\)" <[email protected]>
Subject: RE: [FW1] Web server in DMZ
From: Ivan More <[email protected]>
Date: Wed, 6 Jun 2001 03:19:42 -0400 (EDT)
Cc: [email protected]
In-reply-to: <[email protected]>
Sender: [email protected]

Hi,

Thanks George for your advise.

We are running FW-1 ver 4.0 on NT4.

We have setup the route table to route traffic for the
web server internal IP to the DMZ interface card.

We have also set arp on our external interface card
for the external IP of the web server by using a bat
file at startup. Anyone can enlighten me if this is
the proper way of setting up the arp on NT4?


Cheers,
Ivan


--- "Stevens, George (Aerostructures)"
<[email protected]> wrote:
> Better definition of your rule would be 
> 
> "not office"	"external addr"	"http"	"allow"
> "office"		"internal addr"	"http/ftp?"	"allow"
> 
> rules with the static NAT ... AND you will also need
> proper 
> routing ... you didn't mention what operating system
> 
> you're using, assuming Solaris ... 
> 
> assuming fw interface addr - 10.1.1.1
> route add net 10.1.1.0 10.1.1.1 1
> route add host "external NAT addr" "internal host
> addr" 1
>  AND don't forget to add an "arp" on the external
> interface!
> 
> arp -s "external addr" "MAC addr" pub
> 
> you'll have to check with others for the other
> operating 
> systems.
> Good luck,
> Geo
> 
> > -----Original Message-----
> > From: Ivan More [mailto:[email protected]]
> > Sent: Tuesday, June 05, 2001 3:00 AM
> > To: [email protected]
> > Cc: [email protected]
> > Subject: [FW1] Web server in DMZ
> > 
> > 
> > 
> > Hi,
> > 
> > We are trying to setup a web server in the DMZ for
> > public access. But we are not successful. 
> > 
> >   Internet
> >   ******** 
> >      |
> >      |
> >      |
> >      |
> >      |
> > -----------
> > |          |
> > |          |           ----- DMZ
> > |   FW     |-----------|   | web server 
> > |          |           ----- internal IP
> 10.1.1.100
> > |          |                 external IP 
> > ------------
> >      |
> >      |
> >   ******
> >   Office
> > 
> > 
> > In our rule base we have
> > 
> > source    destination    service 
> > Any       Web server     http
> >           NAT to 
> >           external IP
> > 
> > We did not see any traffic connecting to this web
> > server even when we try to connect to it (not
> using
> > VPN). What did I missed out?
> > 
> > 
> > Any help will be appreciated. Thanks.
> > 
> > 
> > Cheers,
> > Ivan
> > 
> >
>
_______________________________________________________
> > Do You Yahoo!?
> > Get your free @yahoo.ca address at
> http://mail.yahoo.ca
> > 
> > 
> >
>
==============================================================
> > ==================
> >      To unsubscribe from this mailing list, please
> see the 
> > instructions at
> >               
> http://www.checkpoint.com/services/mailing.html
> >
>
==============================================================
> > ==================
> > 


_______________________________________________________
Do You Yahoo!?
Get your free @yahoo.ca address at http://mail.yahoo.ca


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Follow-Ups:
- RE: [FW1] Web server in DMZ
  - From: "Lars Troen" <[email protected]>

Prev by Date: [FW1] Removing Internet Explorer
Next by Date: Re: [FW1] Problems with FW1 and NT
Previous by thread: RE: [FW1] Web server in DMZ
Next by thread: RE: [FW1] Web server in DMZ
Index(es):
- Date
- Thread