[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW-1] Problem with arp -s in NG firewall on Windows 2000 server
Hi all,
I want to set a NG (feature pack 2) testing firewall on Windows 2000 server.
I want to set up a Web server at my DMZ network side. It's IP address is
192.168.3.211. This IP is an invalid one. I want to give it a valid IP
address.
What I did is like this:
1. From Policy Editor, Create a network object called Websrv,
IP Address: 192.168.3.211
Net Mask: 255.255.255.0
NAT: "Add Automatic: Address Translation rules"
Translation rules: static
Network IP address: 209.10.25.23 (a valid IP address from external interface
side).
Install on gateway: All
2. From firewall box(I put firewall module and management server onto
the same box), I run these commands:
C:\> arp -s 209.10.25.23 00-AB-6D-C3-D7-2B
C:\> route add 209.10.25.23 192.168.3.211 metric 1
While 00-AB-6D-C3-D7-2B is the MAC Address of the external interface of my
firewall Wall.
3. I set up a rule:
Any Websrv any accept
Now I suppose can ping the Web server from a box at the external side
(209.10.25.28), but I CAN NOT do it !!!
The follow is a simple diagram:
------------------------------------------------- External (209.10.25.0, I
put a testing box, 209.10.25.28 here)
|
|
Firewall box ------------- Internal (10.2.0.0)
|
|
--------------------------------------------------- DMZ (192.168.3.0, where
I put my Web server)
Any idea about this?
Thank you for your help in advance.
William
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================