|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] NAT and "too many internal hosts"
> This is clear because for FW 4.1 is the rule P-R-N: policy, routing (with > the external source ip address) and THEN NAT) > this means all the external official source ip addresses will be seen on my > INTERNAL interface and the counter will be increased. > So we got "too many internal hosts" messages. > My question: is there a trick to avoid this (please no upgrade to NG ;-) ) > and will be something else happen, if we ignore this message e.g. that the > firewall will stop working, if we not clear the counter ? Make sure the file %fwdir%/conf/external.if has the name of your external interface in it to avoid counting external hosts. There was also a problem with versions prior to SP4 double counting hosts. Use "fw lichosts" to print the list of hosts FW-1 thinks it is protecting to see whether it is counting external hosts or simply double counting internal hosts. -Don ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
