Dear all, we are experiencieng a
very strange problem. We have a radius server connected to a max6000 wan
router,all users coming from dial-up network receives an ip adress from the
pool configured in the max6000 Ascend. then in the CP firewall we have a
rule :for this pool do NAT I can connect and even get authenticated by the
server. in my client box (windows) i run winipcfg and for the ppp
connection i see the ip adress of the pool and not the valid one as a result
cannot browse the internet.
any help? Server Radius :solaris 2.6 on E250 Firewall :solaris
2.6 check point fw-1 4.1 on ultra 10 Ras server Max6000 Ascend
the route table on the router:
** Ascend Pipeline Terminal Server **
ascend% iproute show
Destination
Gateway
IF Flg Pref
Met Use
Age 0.0.0.0/0
172.16.1.1 ie0
SGP 60 1 16292
320693 127.0.0.0/8
-
bh0 CP
0 0 0
320693 127.0.0.1/32
-
local CP 0
0 0
320693 127.0.0.2/32
-
rj0 CP
0 0 0
320693 172.16.1.0/24
-
ie0 C
0 0 21336
320693 172.16.1.0/24
-
ie0 *S 100
1 0
127398 172.16.1.2/32
-
local CP 0
0 20765 320693 172.16.2.18/32
172.16.2.18 wan19
rT 60 1
174
78 224.0.0.0/4
-
mcast CP 0
0 0
320693 224.0.0.1/32
-
local CP 0
0 0
320693 224.0.0.2/32
-
local CP 0
0 45
320693 224.0.0.5/32
-
local CP 0
0 0
320693 224.0.0.6/32
-
local CP 0
0 0
320693 224.0.0.9/32
-
local CP 0
0 0 320693 255.255.255.255/32
-
ie0 CP
0 0 12 320693
ascend%
the net that connects the router and firewall is 172.16.1.0
mask 24
router adress 172.16.1.2 ===firewall adress 172.16.1.1 and he is the
default gateway in the router.
from the table:172.16.1.0/24
-
ie0 C
0 0 21336 320693 appears to be the right route
to the net of the firewall.
0.0.0.0/0
172.16.1.1 ie0
SGP 60 1 16292
gateway seted
172.16.2.18/32 172.16.2.18
wan19 rT 60
1 174 78 wan interface
created in the ppp connection
Thankx in advance
Fabio
|