Seems like
a lot of comments regarding FW-1 SP5 and W2K. I posted this a week ago found (and tested) the resolution.
Believe it
or not, I had to add a route on the Windows 2000 server for the internal server
to be NAT’ed. The route looked
like this:
<Public
IP of Server (NAT’ed)> MASK
<255.255.255.255> <NAT’ed Address (Private)>
I had to
tell the Firewall that I wanted to manage my routes.
This route
was on my one NT 4.0 FW 4.0 firewall.
I just overlooked it during the new install.
Hope this
helps someone.
Eric
Eric M Hanke
Senior Network Engineer
Tempel
Steel Company
Magnetic Steel Laminations for the
Electronic and Electrical Industries
Phone
-----Original Message-----
From: Hanke, Eric
Sent: Wednesday, October 24, 2001
4:12 PM
To:
[email protected]
Subject: Migration Headache
Hello list:
Tried a migration (fresh install) of FW-1 4.1 last night on a Windows
2000 SP 2 Compaq Proliant 1600.
Thought the install went well until my users were not able to receive
any e-mail, sending e-mail was ok.
Here is a quick Config rundown:
Checkpoint FW-1 4.1 SP5 on Enforcement Module (Windows 2000 SVR SP2)
Checkpoint FW-1 on the GUI Client and Management Module (Windows 2000
SVR SP2)
This was a fresh install. I
opted to manage my routes manually; I already had a text printout of the routes
from my NT 4.0 Firewall-1 (4.0)
Basically the first few rules look as such
Firewall -----> Management Accept
Management -----> Firewall Accept
ANY -----> SMTP_SVR(NAT’ed) Accept
SMTP_SVR(NAT’ed) -----> Outside_world Accept
I also had the necessary DNS rules installed so the Mail server could do
a DNS lookup. The strange thing is
that on the Log you could see the Firewall pass the request from the public IP
of the SMTP server to the NAT’ed address but the SMTP server never received the
e-mail.
I think this is a routing problem; I am new to routing with Windows
2000. Any ideas or a thought on
what to look at next is greatly appreciated.
Eric
Eric M Hanke
Senior Network Engineer
Tempel Steel
Company
Magnetic Steel Laminations for the
Electronic and Electrical Industries
Phone