|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] Migration Headache MORE
You may also need to provide an arp entry for that (depends on you set
up) AND you may need a third part utility for that (I use fwparp).
If you think it is a routing issue confirm the following registry
entry:
In location
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
Value for IpEnableRouter should be set to 1
(not zero)
Andy
Hello list:
Tried a migration (fresh install) of FW-1 4.1
last night on a Windows 2000 SP 2 Compaq Proliant 1600. Thought the
install went well until my users were not able to receive any e-mail,
sending e-mail was ok.
Here is a quick Config rundown:
Checkpoint FW-1 4.1 SP5 on Enforcement Module
(Windows 2000 SVR SP2)
Checkpoint FW-1 on the GUI Client and
Management Module (Windows 2000 SVR SP2)
This was a fresh install. I opted to
manage my routes manually; I already had a text printout of the routes
from my NT 4.0 Firewall-1 (4.0)
Basically the first few rules look as
such
Firewall
-----> Management
Accept
Management
----->
Firewall
Accept
ANY
----->
SMTP_SVR(NAT'ed) Accept
SMTP_SVR(NAT'ed)
-----> Outside_world
Accept
I also had the necessary DNS rules installed so
the Mail server could do a DNS lookup. The strange thing is that on
the Log you could see the Firewall pass the request from the public IP of
the SMTP server to the NAT'ed address but the SMTP server never received
the e-mail.
I think this is a routing problem; I am new to
routing with Windows 2000. Any ideas or a thought on what to look
at next is greatly appreciated.
Eric
Eric M Hanke
Senior Network Engineer
Tempel Steel Company
Magnetic Steel Laminations for the Electronic and
Electrical Industries
Phone
Andy Druda
Network & Communications Manager
Wagner College
Staten Island, New York 10301
|
|