[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] NAT Troubles

To: michael-kuriger@vertel.com, JBedics@pagoda.com, fw-1-mailinglist@lists.us.checkpoint.com
Subject: RE: [FW1] NAT Troubles
From: JBedics@pagoda.com
Date: Tue, 30 Nov 1999 14:28:30 -0500


I thought that since the firewall was running on NT that the arp was taken
care of by the local.arp file, which does have the correct entries in it.
The only thing I can come up with is that this is possibly something to do
with NTSP5.  My next step is to back down to NTSP4.
	
	--Jim

> -----Original Message-----
> From:	Michael Kuriger [SMTP:michael-kuriger@vertel.com]
> Sent:	Tuesday, November 30, 1999 12:57 PM
> To:	JBedics@pagoda.com; fw-1-mailinglist@lists.us.checkpoint.com
> Subject:	RE: [FW1] NAT Troubles
> 
> Do you have a static arp table on the firewall machine itself?
> 
> Michael Kuriger
> Senior Network Engineer
> Vertel Corp.
> 818 227-5739
> 
> 
> -----Original Message-----
> From: JBedics@pagoda.com [mailto:JBedics@pagoda.com]
> Sent: Monday, November 29, 1999 5:16 PM
> To: fw-1-mailinglist@lists.us.checkpoint.com
> Subject: [FW1] NAT Troubles
> 
> 
> 
> Ok, I have been wrestling with this for over a week now and have gotten
> nowhere with it.  I am running FW-1 4.0 3DES on NT 4.0 SP5 and am having a
> very strange problem with destination static NAT.  Here's my best attempt
> at
> explaining it:
> 
> Whenever I have activity to any of my public addresses that I have static
> destination NAT running on, everything seems to work fine.  However, when
> there is a long time between connections (no one tries to connect for more
> than 2 hours) NAT seems to "shut down".  When you ping the public address
> you will get no response.  If you continue to do this, eventually (after
> the
> 4th or 5th time running ping) the firewall will answer like it should.
> The
> strange part is that this seems to occur for ANY of my public IP's.  If
> one
> doesn't respond, none will.  Once I get one to respond though its as if
> they
> all come back to life.  I talked to my ISP and they suggested that the
> problem may have to do with the ARP cache timing out.  I therefore added
> static ARP entries to my cisco router (which by the way is not NAT'ed and
> I
> can get to at any time), and still the problem persists.  Any
> help/suggestions would be GREATLY appreciated!
> 
>      --Jim
> 
> ----
> Jim Bedics
> Senior Systems Administrator, MCSE
> Piercing Pagoda, Inc.
> 
> 
> ==========================================================================
> ==
> ====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ==
> ====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] FW-1 v4 SP4 on Solaris
Next by Date: Re: [FW1] SonicWALL - VPN from home?
Prev by thread: [FW1] NAT Troubles
Next by thread: RE: [FW1] NAT Troubles
Index(es):
- Date
- Thread