NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] Migrating raptor to fw-14.1 and sp5



Hi Gurus
 
I need configure fw-1 with linux version 7.2 and fw-1 4.1 with sp5.
I need change one raptor firewall for the checkpoint 4.1 and have many problems with the e-mail DNS and web this is my configurtion in checkpoint.
 
(200.100.1.0) ----------(200.10.1.1)---(148.243.1.1)------(148.243.1.1)-----(ISP)
Internal net-------------------------Firewall-------------------------router--------------------Internet
server-webinternal-(200.100.1.2)-------------------------(valid address:148.243.1.2)server web externo
e-mail-(200.100.1.3))-------------------------(valid address:148.243.1.3)server email externo
dns-internal(200.100.1.4))-------------------------(valid address:148.243.1.4)dns external.
 
and have relay for the email.
 
I add tree static route in my linux
 
route add -host148.243.1.2 gateway 200.100.1.2
route add -host148.243.1.3 gateway  200.100.1.3
route add -host148.243.1.4 gateway 200.100.1.4
 
and add in te file S3***the arp
 
148.243.1.2 ---mac adreess o interfece internal to the firewall
148.243.1.3 ---mac adreess o interfece internal to the firewall
148.243.1.4 ---mac adreess o interfece internal to the firewall
 
rules
source---------------------------------------destination-------------------------service---------------action
any------------------------------------------serverweb-web externo---------------http---------------accept
any------------------------------------------serverweb-email externo---------------any--------------accept
any-------------------------------------serverweb-dns externo---------------------any----------------accept
group for user to internet-------------any-----------------------------------------http&https---------accept
Internal Net-------------------------networ192.168.1.0--------------------------telnet,icmp,ssl-----accept
any------------------------------------Firewall--------------------------------------------NBT,Ident--------reject
any--------------------------------------any------------------------------------------------any------------------drop
 
Nat manual rules
 
source------------------destination--------------service---------------source --------------destination------------- service------install on.
 
any----------------------------DNS-externo------------------any---------------------------original--------------------DNS_internal-static-------original---------- Gateway
Dns_internal---------------any-------------------------------any---------------------------DnsExterno-static-----original------------------------original---------- Gateway
 
any----------------------------web-externo--------------any---------------------------original------------------------Serverweb_internal-static--original---------- Gateway
Serverweb_internal-------any-------------------------------any---------------------------web-externo-static-----original------------------------original---------- Gateway
 
any----------------------------email_externo------------------any---------------------------original--------------------email_internal----------------original---------- Gateway
email_internal---------------any-------------------------------any---------------------------emailexterno-static-----original------------------------original---------- Gateway
 
InternalnetRange----------any-------------------------------any---------------------------firewall Hyde--------------------original--------------------original---------- Gateway
 
 
the problem is :
I cannot see the email server for send and receive email
I cannot see the web server from the external network(internet)
but I can see the internet from the internal network.
I think to my Dns is working!!! actually with the raptor firewall the dns send a relay to email server and is working with this but when I install the fw-1 no function.
 
Do you have some suggest or comments?
thanks
bye

Hope you can help me out,


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.