Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] ICMP problems

To: [email protected]
Subject: Re: [FW-1] ICMP problems
From: enash <[email protected]>
Date: Sun, 16 Dec 2001 12:34:40 -0500
Importance: Normal
In-reply-to: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Sounds like you need to define NAT.  If you have created an object for your
Network or an object for your workstation that your trying to ping from.
Define the Address Translation by going to Objects propeties tab. choose
hide or static.  and the ip that your translating to.  If its static then
you wiil need to add routes as well.  If you have any further issues
www.phoneboy.com is very helpful.


-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of Gordon
Webber
Sent: Sunday, December 16, 2001 10:54 AM
To: [email protected]
Subject: [FW-1] ICMP problems


Hi, Just a simple one I hope...

To simplify the description, lets say I have an FW-1 on a NOKIA with two
user interfaces (ethernet) enabled.
I have a workstation attached to the lan on each interface and I install a
policy with no "clean-up" rule.
Instead the last rule is "any any any accept".
I have set "ipsofwd on" at the Nokia level. (I thought FW-1 allowed
forwarding and tat it was just the Nokia that needed to be forced to allow
this ?)

And yet I cannot ping from one workstation to the other !

The "Allow ICMP" option in the "Policy properties" only inserts an "any any
ICMP accept" rule anyway (?), so my "allow-any" rule should cover that.
The routing/default gateway's on the workstations just points to the local
interface on each.

So what is stopping the ping ???
Any suggestions would be gratefully received !

Cheers, Gordon

=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
If you have any questions on how to change your
subscription options, email Ron Alcatraz at:
[email protected]
=================================================

=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
If you have any questions on how to change your
subscription options, email Ron Alcatraz at:
[email protected]
=================================================

References:
- [FW-1] ICMP problems
  - From: Gordon Webber <[email protected]>

Prev by Date: [FW-1] ICMP problems
Next by Date: [FW-1] My VERY BAD UFI resouce experience!
Previous by thread: [FW-1] ICMP problems
Next by thread: Re: [FW-1] ICMP problems
Index(es):
- Date
- Thread