Ok for
whats its worth at this point, I've tested this on IPSO 3.4.2, NG FP1 and it
doesn't work for me either. It simply does not address translate. I'll do
further tests tomorrow.
-----Original
Message-----
From: Mailing
list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of Raul Gonzalez
Sent: 22 April 2002 15:48
To:
[email protected]
Subject: [FW-1] NG NAT with one valid
IP doesn't work
we have a NG FW FP1
with 3 interfaces, and a DSL Router to
investigate.
Configuration it's like that
:
Web
server (192.168.2.100)
192.168.1.0 (Internal
LAN) ----------------------- Firewall NG
--------------------------------------------------------
INTERNET
(192.168.1.135)
(212.11.21.13 Valid adress)
I am trying make port mapping to
webserver for http and telnet services (http to web server and telnet to
internal server)
using NAT, and "Perform
destination traslation on the client side" is
cheked.
However, I don't get NAT
inside.
Any
Webserver
http
Accept
Log
Any
Internalserver telnet
Accept
Log
Any
Firewall
http
Original
Webserver
Original
Gateways
Any
Firewall
telnet
Original
Internalserver
Original
Gateways
I can get login but in Firewall
host, not in Internalserver (no Xlated paquets in Log, but I can see
61.62.63.123 (Origin)
Firewall (Destination) telnet (Service)
5 (rule number) Accept
61.62.63.123 (Origin)
Firewall (Destination) http
(Service) 6 (rule
number) Accept
(I don't see drop packets about
this, and "Log implied rules" is checked)
In Global Properties is checked
"Automatic rules intersection", "Perform destination translation on the
client side" and
"Automatic ARP
configuration".
I would like to hear some
advise...
Thank's in advance