[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Question on ip forwarding
Thanks for you reply BillO Actually I have done all those 9 steps. However I still donno why I can't access my web server through an external ip. Even I try to type the external ip under the brower inside the Firewall Server, I also not able to access it. One thing that I want to ask regarding to step 9. Is it just simply create a file called "local.arp" and add in the external address with the corresponding MAC address? If not, please correct me. Thanks a lot! Conrad -----Original Message----- From: BillO [mailto:[email protected]] Sent: 19 June 2002 11:33 To: [email protected] Subject: Re: [FW-1] Question on ip forwarding In general -- under version 4.1 -- you could either create automatic rules or manually create your NAT rules. I am not familiar with NG, but I believe the basics are the same as below with a few automatic options. automoatic NAT =========== 1. create a workstation object. 2. use the actual ip under the first tab. 3. click on NAT tab 4. put checkmark in "create automatic translation" 5. select STATIC 6. put external IP address (the one not actually on the box). 7. add a PROXY ARP MAC address using the external MAC for the external ip address. manual NAT ========= 1. create a workstation object with the external ip address. 2. create a workstation object with the internal ip address 3. click on "network address translation tab" 4. add two rules (if there are other rules already there, make sure there is not logic conflict). 5. for rule one, put external ip workstation object in original destination. 6. for rule one, put internal ip workstation object in translated destination. 7. for rule two, put internal ip workstation object in original source. 8. for rule two, put external ip workstation object in translated source. 9. add a PROXY ARP MAC address using the external MAC for the external ip address. If you did not do the above, what steps did you do to NAT the external IP? Bill ----- Original Message ----- From: "Conrad Ng" <[email protected]> To: <[email protected]> Sent: Tuesday, June 18, 2002 8:59 PM Subject: [FW-1] Question on ip forwarding > Dear all > > I have got an external ip need to forward to an internal ip under Checkpoint > Firewall-1. Actually I have already added the rules in the Naming > Translation tab. However, I donno why I still can't access to the > destination using the external ip. Is there any order that I need to follow? > Am I missed anything except from adding the rules into the firewall? I > really hope someone can help me as I am really a newbie to this application. > Thanks a lot!!! > > Conrad Ng > > > ______________________________________________________ > > Scott Wilson Ltd celebrates its new name during its 50th year in Hong Kong! > > This e-mail and any attachments to it are intended only for the party to > whom they are addressed. They may contain privileged and/or confidential > information. If you have received this transmission in error please notify > the sender immediately and delete any digital copies and destroy any paper > copies. Thank you. > > Scott Wilson accepts no contractual liabilities or commitments arising from > this e-mail unless subsequently confirmed by fax or letter or as an e-mail > attachment giving company name, address, registration number and authorized > signatory. > ______________________________________________________ > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ______________________________________________________ Scott Wilson Ltd celebrates its new name during its 50th year in Hong Kong! This e-mail and any attachments to it are intended only for the party to whom they are addressed. They may contain privileged and/or confidential information. If you have received this transmission in error please notify the sender immediately and delete any digital copies and destroy any paper copies. Thank you. Scott Wilson accepts no contractual liabilities or commitments arising from this e-mail unless subsequently confirmed by fax or letter or as an e-mail attachment giving company name, address, registration number and authorized signatory. ______________________________________________________ ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|