Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Static Mapping and ARP issue in Win2k NG FP3

To: [email protected]
Subject: Re: [FW-1] Static Mapping and ARP issue in Win2k NG FP3
From: "Van Liere, Derek" <[email protected]>
Date: Tue, 4 Feb 2003 17:02:18 -0700
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

First of all, you probably want to make that entry in the routing table
persistent (-p) and be sure the routing is working correctly.
Secondly, there is a hotfix (HF1) for FP3 which fixes the arp issue in
W2K... At least it did for me.
If you don't want to install the Hotfix, there is a program fix (fwparp.exe)
which you can run in a batch file every "x" hours which will fix the arp
issue for your static NAT entries.   I had this running every 12 hours using
the scheduler before installing HF1.

Hope this helps..

Derek

-----Original Message-----
From: Wayne Ho [mailto:[email protected]]
Sent: Tuesday, February 04, 2003 11:51 AM
To: [email protected]
Subject: [FW-1] Static Mapping and ARP issue in Win2k NG FP3


All Checkpoint gurus:

I want to allow http into an internal webserver. The
IP address of the firewall external interface is
1.2.3.1., the internal is 10.0.208.5. The web server
is 10.0.208.9, with static mapping to 1.2.3.10 which
is visible from world. According to Checkpoint FP3
with automatic arp configuration, I shouldn't need to
put the static entry. However, when I ping any
external IP address from webserver, the ping doesn't
go through. I allow outgoing in firewall. The firewall
should log going out, but nothing comes back. I am
pretty sure it's routing issue. So, I have

route add 1.2.3.10 MASK 255.255.255.255 10.0.208.5
and arp -s 1.2.3.10 10-be-05-0f-02-0a

Still have no clue. Please give me advise.
Thanks.

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Follow-Ups:
- Re: [FW-1] Static Mapping and ARP issue in Win2k NG FP3
  - From: Wayne Ho <[email protected]>

Prev by Date: Re: [FW-1] Fragementation Problem Fix
Next by Date: [FW-1] Which IPSO version do I need to install CP NG FP3?
Previous by thread: [FW-1] Checkpoint administrator with Radius
Next by thread: Re: [FW-1] Static Mapping and ARP issue in Win2k NG FP3
Index(es):
- Date
- Thread