NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Static NAT in NT


  • To: [email protected]
  • Subject: Re: [FW-1] Static NAT in NT
  • From: Aeon Hale <[email protected]>
  • Date: Fri, 1 Feb 2002 15:00:08 -0500
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcGrWdJSmUQYBCxzTy+Dn/gakz5QTwAATgaw
  • Thread-topic: Re: [FW-1] Static NAT in NT

jsut one..

-----Original Message-----
From: Peter Papadopoulos [mailto:[email protected]]
Sent: Friday, February 01, 2002 1:53 PM
To: [email protected]
Subject: Re: [FW-1] Static NAT in NT


how many ip addresses are bound to the ethernet card of your mail
server?

Pete

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of Aeon
Hale
Sent: Friday, February 01, 2002 12:09 PM
To: [email protected]
Subject: Re: [FW-1] Static NAT in NT


Thanks everyone for the responses:

Yes, I do have rules allowing traffic to the mail server.
Yes, Static NAT rule is before Hide NAT Rule (in fact, mail server
cannot get to internet at all but all other machines, which would be
using HIDE nat rule are able to access internet)
Yes, local.arp is correct as i see it.  IP Mac of external NIC of FW
located in $FWDIR/state directory
Yes, FW service was restarted after chaging local.arp, in fact fw was
rebooted several times
Anti-spoofing is currently off for all interfaces.

I've tried everythign that I could think of.  I've set this up many
times in the past and NT really isn't that difficult.  I'm going to try
to setup a different machine with the same setup and see what happens.
I'm just not sure what's wrong.

Thanks again for the help.

-----Original Message-----
From: Matthias Leu [mailto:[email protected]]
Sent: Friday, February 01, 2002 10:37 AM
To: [email protected]
Subject: Re: [FW-1] Static NAT in NT


Hi,
some ideas that might help for your static NAT problem
- the static rule is before the hide rule, right?
- local.arp correct interface, correct form (ip m-a-c), and correct
filename
(case sensitive)?
- after changes in local.arp FW restarted?
- Anti-Spoofing ok?
Hope it helps,
best regards,
Matthias
http://www.fw-1.de

Don wrote:

> What version of Firewall-1 is this?
>
> > Hey everyone, I need somebody to confirm that I'm not going crazy.
I
> > setup a FW machine for a client.  Real basic setup.  Running NT,
FW-1
> > 4.1 sp3.  2 Nics, one internal net, one external.  All users are
HIDE
> > NAT but wants me to static NAT one address for a test exchange
server on
> > internal net (yes, I know, shouldn't have it on internal net).  This
> > setup isn't hard by all means.  Basically,
> >
> > 1.  Add NAT rules
> > 2.  Add static route
> > 3.  Add arp entry
> > 4.  Create local.arp in state directory
> >
> >
> > Well, I've created automatic and then manual NAT rules....doesn't
work
> > I've put static routes...doesn't work
> > i've added arp entries...doesn't work
> > local.arp file is there...doesn't work.
> >
> >
> > That exchange server will not get passed the firewall.  I look at
the
> > logs and they say that they are translating the address (i.e source
> > 10.x.x.x Xlated source 209.x.x.x) but gets nowhere.  That machine
cannot
> > even ping the internet router (default gateway for firewall) but all
> > other machines can.
> >
> > What am I missing?  Ive set this up a million times.  Even more
weird,
> > his current FW is the same setup, NT, 2 nics, FW-1 4.1 but on a
slower
> > machine but NATS perfect.  I've compared the two boxes and I cannot
see
> > what the differences are...
> >
> > Any help would be great.
> >
> > Thanks,..
> >
> > =================================================
> > To set vacation, Out Of Office, or away messages,
> > send an email to [email protected]
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > [email protected]
> > =================================================
> >
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================

--
AERAsec Network Services and Security GmbH
Wagenberger Straße 1
D-85662 Hohenbrunn, Germany
http://www.aerasec.de

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.