NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Web server in DMZ



Hi,

Thanks for the many response, we are using FW-1
version 4.0 on NT4. 

Yes, we have added the route to the Route Table as
below

route add -p internal_ip mask 255.255.255.255
DMZ_interface metric 1

We also added the arp but we created a bat file to run
during startup for the arp (we run this bat file
before we do the test, will there be a problem)

arp -s   external_ip   Mac address  FW1_external_ip

We do not have a local.arp file in the
c:\winnt\fw\state directory, can we just create it and
input the Web server External_ip and the Mac address
of the FW external_ip.

We are using Stat NAT.

How would I check if the FW-1 is answering the ARP
request for the NATed address?

We are still unsuccessful. What else did we missed?


Cheers,
Ivan

--- James Clarke <[email protected]> wrote:
> Have you set up the static route and the local.arp
> file to reflect the
> internal static NAT?  Also what platform are you on?
> 
> James.
> 
> -----Original Message-----
> From: Ivan More [mailto:[email protected]]
> Sent: 05 June 2001 11:00
> To: [email protected]
> Cc: [email protected]
> Subject: [FW1] Web server in DMZ
> 
> 
> 
> Hi,
> 
> We are trying to setup a web server in the DMZ for
> public access. But we are not successful. 
> 
>   Internet
>   ******** 
>      |
>      |
>      |
>      |
>      |
> -----------
> |          |
> |          |           ----- DMZ
> |   FW     |-----------|   | web server 
> |          |           ----- internal IP 10.1.1.100
> |          |                 external IP 
> ------------
>      |
>      |
>   ******
>   Office
> 
> 
> In our rule base we have
> 
> source    destination    service 
> Any       Web server     http
>           NAT to 
>           external IP
> 
> We did not see any traffic connecting to this web
> server even when we try to connect to it (not using
> VPN). What did I missed out?
> 
> 
> Any help will be appreciated. Thanks.
> 
> 
> Cheers,
> Ivan
> 
>
_______________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.ca address at
> http://mail.yahoo.ca
> 
> 
>
============================================================================
> ====
>      To unsubscribe from this mailing list, please
> see the instructions at
>               
> http://www.checkpoint.com/services/mailing.html
>
============================================================================
> ====


_______________________________________________________
Do You Yahoo!?
Get your free @yahoo.ca address at http://mail.yahoo.ca


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.