
[FW1] NAT on one of two internal interfaces.






I'm back, attempting this again..

On Solaris w/ FW1 4.0 sp4, I have the following configuration..

hme0 = external
gfe0 = 10.1.1.0
qfe1 = Our routable internal network: not hidden

Everything for the internal network works as expected.. It is our service
network (10.1.1.0) that I'm trying to use NAT with.

I have created the object for the web server. I set the address to the
10.1.1.10 address and the translation to an address on the external segment
165.235.21.201.
I have set:
route add host 165.235.21.201 wt 0	# wt is the ip for hme0
arp -s 165.235.21.201 08:00:20:a8:f7:28 pub	# mac address for hme0

From the internal network and the firewall, I can reach the server via
10.1.1.10. I can't reach the server at the 165.235.21.201 address.

When trying to use the 165.235.21.201 address I see the FW log shows:
qfe1 http joesDesk web02(valid address) tcp joesDesk web02

That is how I think it should look, but I don't seem to get a response. Last
week, I used snoop and saw that I got one packet from my attempt, the web
server makes a reply and that is the end of it.. I tried this again today
and don't see any traffic as a result of my request. I suspect that I made
an error in last week's test.

Does anything here stand out?

Thanks for any assistance!
	Joe





