Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] NAT problem?

To: "Fw-1-Mailinglist \(E-mail\)" <[email protected]>
Subject: Re: [FW1] NAT problem?
From: "Murat Tora" <[email protected]>
Date: Fri, 15 Jun 2001 10:40:00 +0300
References: <217449A1DFB4D411A47B00805FC7EAA040C465@BIGBOY>
Sender: [email protected]

Hi,

I think you should check the "log implied rules" box in the properties
window if not already.  So you can watch the traffic filtered by rule 0.
And your problem may arise from the anti-spoofing rules you have.  In that
case ;
1.create a workstation object called ie linux_real, for the static
translated real ip of your linux box
2.create a group object called ie anti_spoof_grp and put the network object
(in which your linux box locates) and linux_real in this group ( if you
already have such a group like that for anti_spoofing just put the
linux_real in it)
3.Open your firewall object -> interfaces tab
4.double click the interface of nw your linux box in
5.open the security tab
6.select the spesific option  and chose the group anti_spoof_grp
7.Install the new rule base.


Regards.

Murat TORA


----- Original Message -----
From: "Bilgehan turan" <[email protected]>
To: "Fw-1-Mailinglist (E-mail)"
<[email protected]>
Sent: Friday, June 15, 2001 2:50 PM
Subject: [FW1] NAT problem?


>
> Hi
> I want to put a linux box behind checkpoint FW-1 4.1 (running on NT box)
by
> NAT of course.
> I can ping to outside from linux but I could not ping from outside from my
> linux.
> When I look online logs (when pinging from outside), dropped or accepted
> packets were not displayed in logs.
> But when pinging from inside to an outside machine , icmps were displayed.
> I configure the NAT the same as an NT box which works fine for NAT in our
> policies.
> In interfaces tab, I add eth0 (which is the linux ethernet interface name)
> and its internal address.
> and in NAT tab, its real ip was inserted as static.
> Everthing looks fine , but not works.Something wrong with my NAT.
> I also add a rule that any source to any service to my linux box is
accepted
> and I restrat FW services.
> Have an idea ?
>
> thanks in advance
>
>
> Bilgehan TURAN
> System and Network Administrator
> Ph    :> Mob :>
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] NAT problem?
  - From: Bilgehan turan <[email protected]>

Prev by Date: [FW1] CCSA resource
Next by Date: RE: [FW1] unexpected drop entries in log viewer
Previous by thread: [FW1] NAT problem?
Next by thread: Re: [FW1] NAT problem?
Index(es):
- Date
- Thread