|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] MANUAL NAT
I was playing with this problem all weekend Iam using FW-1 NG FP3 on a windows2k server SP3 manual NAT didnt work even if I added arp antries into local.arp the only solution was to add a static arp onto the neighbouring routers, is there a work around that anyones knows to this to get win2k to proxy arp for the static address. Also Ive noticed somethin different from older versions of FW-1 does routing take place after NAT now as I no longer have to add percistent routes such as route add NAT_ADDRESS ADDRESS -p Im a FW-1 Newby and still reading phoneboys book so please be gentle wi me :0) Regards Kev -----Original Message----- From: brian dell [mailto:[email protected]] Sent: 08 August 2003 15:38 To: [email protected] Subject: Re: [FW-1] MANUAL NAT automatic arp is only done for auto NAT rules which are taken care by the firewall (example like Hide NAT enabled for a host or network would do the automatic NAT for you.) But if you do Manual NAT yourself then firewall will not publish arp entries automatically. you have to manually enter the arp entries so that the firewall external IP address answers the call when someone wants to go to your web server. Hope this helps --- shivi <[email protected]> wrote: > Yes, > This is the issue of Automatic ARP which you can > get away with by > addding a static route on the Egde router or, if > using Nokia boxes you need > to add a "Proxy-only ARP" entry under configuration. > > Shivi > > > > ----- Original Message ----- > From: <[email protected]> > To: <[email protected]> > Sent: Friday, August 08, 2003 12:35 PM > Subject: Re: [FW-1] MANUAL NAT > > > > Check the arp table of your firewalls gateway to > ensure that the firewall > > has proxied the arp entries? If it has then your > issues lay somewhere > else. > > > > I dont know how to make the Nokia boxes publish > arp entries but someone > > else should know. > > > > Robert Rutherford > > +44 (0)1305 208232 > > +44 (0)7970 122362 > > > > > > > > > |---------+--------------------------------------------> > > | | George Munyua > | > > | | <[email protected]> > | > > | | Sent by: Mailing list for > | > > | | discussion of Firewall-1 > | > > | | > <[email protected]| > > | | KPOINT.COM> > | > > | | > | > > | | > | > > | | 08/08/2003 08:56 > | > > | | Please respond to Mailing > list | > > | | for discussion of Firewall-1 > | > > | | > | > > > |---------+--------------------------------------------> > > > >--------------------------------------------------------------------------- > -------------------| > > | > | > > | To: > [email protected] > | > > | cc: > | > > | Subject: [FW-1] MANUAL NAT > | > > > >--------------------------------------------------------------------------- > -------------------| > > > > > > > > > > Hi Gurus, > > > > I've enabled manual NAT on Checkpoint NG FP3 to my > web server on DMZ. > > However I still can't get through from the > internet. I have also put in a > > rule to allow access to the web server. Do I need > to register the public > > NAT > > IP on the arp table? How is this done on Nokia IP > 100? > > > > Regards, > > > > George Munyua > > Professional Services Unit > > Fintech Kenya Ltd > > 16th Floor Ambank Hse > > Tel: +(254-2)-221754 > > Cell: +(254-0722)-322537 > > Fax: +(254-2)-213136 > > e-mail: [email protected] > <mailto:[email protected]> > > > > "Ability is what you're capable of doing. > Motivation determines what you > > do. > > Attitude determines how well you do it."- Lou > Holtz > > > > > > > > _____ > > > > > > < > > > http://promos.hotbar.com/promos/promodll.dll?RunPromo&El=hotbar%5felement%3 > > bst%3b&SG=&RAND=60525> Upgrade Your Email - Click > here! > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to > [email protected] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [email protected] > > ================================================= > > > > > > > > > > > > > > > ********************************************************************** > > This E-mail and any files transmitted with it are > in > > commercial confidence and intended solely for the > use of > > the individual or entity to whom they are > addressed. > > If you have received this E-mail in error please > notify the > > Administrator by E-mail ([email protected]). > > Any views or opinions expressed are solely those > of the > > author and do not necessarily represent those of > > DEK International., or its affiliates. > > > ********************************************************************** > > This footnote also confirms that this email > message has been swept by > > MIMEsweeper for the presence of computer viruses. > > > > www.dek.com > > > ********************************************************************** > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to > [email protected] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [email protected] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
