Re: [FW-1] NAT of snmp packets
You've got "leaky NAT". Check Point has an internal bug ID on this one for 4.1; has anyone seen leaky NAT on NG?

A common workaround is to use manual NAT rules. If you are already using manual NAT rules, you may be out of luck. Re-installing the policy often fixes this, but no guarantees (and, that's no way to have to manage a firewall).

Since the source/dest here for snmp is a low port, you can force a high source port translation for this traffic by adding the following lines to /etc/system. NOTE: don't even try this unless everything else fails. This may or may not solve the issue, and requires a reboot of your firewall:

    set fw:fwx_udp_hide_high=0xa1

(the "a1" and "a2" are hexadecimal for 161 and 162)

Best wishes,
Dan Hitchcock
-----Original Message-----
Is doing static NAT.
njtmrro1 -> 213.69.69.69 UDP D=162 S=161 LEN=99
gesti is the internal IP, and 213.69.69.69 the external (NAT) IP.
njtmrro1 ============================> Firewall
We have Firewall-1 with 4.1 SP5 over Solaris 7
|