NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Not able to ping from FW to either way

Hi Don,
Thanks for your continued support.

1)The arp entry is like this

  206.234.243.134 <MAC address of FW's external interface>

2)It is Win-Nt 4.0 SP6

3)I am able to ping my router now 206.234.243.1 and host also 172.16.1.134
but only after checking the option Policy>Properties>
  Security Policy>Accept ICMP(before last)

4)I am able to reach my FW's external IP from tracert.com but not able to
reach my NAT IP 206.234.243.134 from the net(in this case i fail to each my
FW's external IP also!!)

Kindly guide.
Thanks
Puneet.



-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of Don
Sent: Monday, January 14, 2002 6:46 PM
To: [email protected]
Subject: Re: [FW-1] Not able to ping from FW to either way


> Hi Don,
> Many thanks for your efforts, actually the diagram is like this
>
> Host(172.16.1.134)----FW(172.16.1.1 & 206.234.243.19)
>                                                 |
>                                           Router
>                                         (206.234.243.1)
>                                                 |
>                                           Internet
>
> I am only trying to do static IP NAT for one host, rest all are on valid
> Internet IPs.
If they are on valid IP's, are they behind the firewall? Or on a DMZ?

> My route print shows:
>
> 0.0.0.0          0.0.0.0          206.234.243.1    206.234.243.19    1
> 127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1         1
> 172.16.0.0       255.255.252.0    172.16.1.1       172.16.1.1        1
> 172.16.1.1       255.255.255.255  127.0.0.1        127.0.0.1         1
> 172.16.255.255   255.255.255.255  172.16.1.1       172.16.1.1        1
> 206.234.243.0    255.255.255.0    206.234.243.19   206.234.243.19    1
> 206.234.243.19   255.255.255.255  127.0.0.1        127.0.0.1         1
> 206.234.243.134  255.255.255.255  172.16.1.134     172.16.1.1        1
> 206.234.243.255  255.255.255.255  206.234.243.19   206.234.243.19    1
> 224.0.0.0        224.0.0.0        172.16.1.1       172.16.1.1        1
> 224.0.0.0        224.0.0.0        206.234.243.19   206.234.243.19    1
> 255.255.255.255  255.255.255.255  172.16.1.1       172.16.1.1        1
This looks fine. Do you have the appropriate arp entries in your local.arp
file? Is this on Windows NT or Windows 2k?

Do you have a correct rulebase?

-Don

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.