[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] natting and internal webserver to external.
Hello, I'm having a problem with a test webserver that I'm trying to setup. I have natted an valid ip address to an internal server for a test website. The natting appears to be working ok, but I'm still not getting through. I have run tcpdump on all relevant interface to make sure that the natting is taking place, which it appears to be. I am pinging the external address and get the following in the logs. First I get an accept on the external interface on the correct rule (so far so good), the next entry is a drop by the internal interface on rule zero! why is the external interface accepting on the correct rule, but the internal interface dropping? I have tried both inbound and either bound on the policy, and have tried with icmp disabled from rule 0 (we have a specific rule), and have even tried it accepting icmp as a 'first' implied rule. can anyone give me any suggestions? thanks and regards rich Richard Marshall Network Systems Analyst NetDoktor Tel: + 44 20 7681 8470 Mobile: + 44 7980 865 306 MSN Messenger: [email protected] E-mail: [email protected] http://www.netdoktor.com ----------------------- ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|