Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Routing in NT with 3 nic's

To: Bob Billington <[email protected]>
Subject: Re: [FW1] Routing in NT with 3 nic's
From: James Bell <[email protected]>
Date: Thu, 16 Aug 2001 01:31:24 -0700
Cc: Jean-Pierre Harvey <[email protected]>, [email protected]
References: <[email protected]>
Sender: [email protected]

OK, so taking from a similar setup that we have, you need the
following routes on the following devices, assuming you're doing
static and not messing around with actual RIP routing updates with
FW1. Caveat: I'm assuming that your "x.x" are representing *networks*
that you own and are just hiding for lurker security reasons.

On router:
route for 206.43.x.x (this is automatic route due to being connected)
static route for 206.67.x.x pointing at FW1 external 206.43.x.x
address as next hop

On nt firewall box:
kill auto route for connected 206.67.x.x that points at 127.0.0.1
static route for 206.67.x.x pointing at gateway of the 3rd nic
address.

Had to something similar at work with a multiple NIC fw-1 replacement
I'm building.

Bob Billington wrote:
> 
> I suspect I have a routing problem, put I am unable to
> isolate where I have the problem, or for that matter
> why I have a problem
> 
> The archtitecture is as follows (leaving out the
> 192.168.x.x interface for the moment)..
> 
>          206.43.x.x --\
> Internet --- Router --- FW-1 ---- DMZ
>                             \_____206.67.x.x
> 
> Thanks
> 
> bob
>  --- Jean-Pierre Harvey
> <[email protected]> wrote: > Bob,
> >
> > It sounds like a routing issue... is FW-1 running on
> > the NT box? Is the
> > router inside or outside? Your architecture is not
> > clear.
> >
> > Is it:
> >
> > Internet ---- FW-1 ---- Router ---- NT -NAT-
> > 192.168.x.x
> >                                               \____206.67.x.x
> >
> > which seems like a strange setup.... can you do a
> > diagram like the one above
> > the way your network is set up?
> >
> > Regards
> > JP
> >
> > -----Original Message-----
> > From: Bob Billington
> > [mailto:[email protected]]
> > Sent: Sunday, August 12, 2001 5:22 PM
> > To: [email protected]
> > Subject: [FW1] Routing in NT with 3 nic's
> >
> >
> >
> > Folks,
> >
> > I have an NT 4 (sp 6a) host with three nics.  The
> > first has an external IP address (206.43.x.x) and
> > directly connects to our router.  The second nic has
> > a
> > 192.168.1.x address with static NAT - this is
> > working!!
> >
> > My problem is - the third nic.  This nic has an
> > external IP address (206.67.x.x) and I can not seem
> > to
> > connect to it from the Internet side of the
> > firewall.
> >
> >
> > When I check the routing table, there is an entry
> > for
> > the 206.67.x.x network and has its gateway as the
> > address I have assigned at the firewall.  The
> > address
> > of the nic itself has a gateway of 127.0.0.1.  I
> > have
> > tried to add a route that points the 206.67.x.x
> > network to the external interface of the firewall,
> > however this was unsuccessful.
> >
> > I have an any any any accept rulebase, and when I
> > ping, I do not get any joy.
> >
> > Is this a routing issue? should I be considering
> > proxy
> > arps's?
> >
> > your help would be much appreciated...
> >
> > thanks
> >
> >
> >
> ____________________________________________________________________________
> > _
> > http://shopping.yahoo.com.au - Father's Day Shopping
> > - Find the perfect gift for your Dad for Father's
> > Day
> >
> >
> >
> ============================================================================
> > ====
> >      To unsubscribe from this mailing list, please
> > see the instructions at
> >
> > http://www.checkpoint.com/services/mailing.html
> >
> ============================================================================
> > ====
> 
> _____________________________________________________________________________
> http://shopping.yahoo.com.au - Father's Day Shopping
> - Find the perfect gift for your Dad for Father's Day
> 
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- RE: [FW1] Routing in NT with 3 nic's
  - From: Bob Billington <[email protected]>

Prev by Date: [FW1] Firewall Files
Next by Date: [FW1] Installation Problems
Previous by thread: RE: [FW1] Routing in NT with 3 nic's
Next by thread: [FW1] fwgold
Index(es):
- Date
- Thread