Automatic ARP is in global properties, NAT tab. I've had a few problems with it
in the past on Nokias, I find it best to turn it off.
- LH
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT
AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Diego F. Lastra S.
Sent: Friday, 1 April 2005 11:32 a.m.
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Problems With Static NAT and ARP
Thank you...
Tha NAT TAB was updated automatically due to the fact that I create the Object
with a static NAT. How do you enable or disable the auto-arp feature?
I thing that the problem is related to the ARP table of the firewall.
-----Original Message-----
From: Reinhard Stich [mailto:r.stich AT internet-security DOT at]
Sent: Miércoles, 30 de Marzo de 2005 11:29 p.m.
To: dlastra AT XERTIX DOT COM
Subject: RE: [FW-1] Problems With Static NAT and ARP
hi,
did you use the NAT-tab for the static-NAT? do you have auto-arp enabled?
you can define the static arp on the internet-router, this should work as a
workaround.
cheers
reinhard
))) Message sent using Nokia One Business Server (((
))) Internet Security AG - www.internet-security.ag (((
--- Original Message ---
From: "Diego F. Lastra S." <dlastra AT XERTIX DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Thu Mar 31 04:59:49 CEST 2005
Subject: [FW-1] Problems With Static NAT and ARP
Hello guys,
I have a problem related with NAT. I have a distribuited configuration. Using a
SPLAT NG R55 with Checkpoint NG AI R55 over a Intel Platform running on the
firewall. The problem is that I have a server under the firewall configured as
a MAIL server. This server receives POP, SMTP and IMAP.
For some reason this server does not receive connections from Internet. I even
check the LOG TRACKER with a Filter and cannot find any connection to the MAIL
server.
When I enter the firewall console it does not display ARP related to that
server. Wich I found very weird, since I have a different firewall running on a
Nokia IP330 Checkpoint NG R55 and all the Static NAT's configured in that
firewall appear as Permanent Published ARP.
So I manually published ARP entry using the command:
arp -s [IP] [MAC] pub
Using in [IP] the ip address assigned to the NAT and using as [MAC] the mac
address of the external interface of the firewall. The ARP entry finally
shows up at the ARP table of the firewall. But still it does not receive any
connection from the outside.
Do you guys have any idea?
_______________________________________________
Diego F. Lastra S.
Infraestructura y Soporte Xertix
Conm. ++52-55-3003-1300
Dir. ++52-55-3003-1381
<http://www.xertix.com> http://www.xertix.com
_______________________________________________
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail =================================================
To unsubscribe from this mailing list,
please see the instructions at http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail =================================================
To unsubscribe from this mailing list,
please see the instructions at http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
-----------------------------------------------------------------------------------------------
Have you seen our website?.... http://www.vodafone.co.nz
Manage Your Account, check your Vodafone Mail and send web2TXT online:
http://www.vodafone.co.nz/myvodafone
CAUTION: This correspondence is confidential and intended for the named
recipient(s) only.
If you are not the named recipient and receive this correspondence in error,
you must not copy,
distribute or take any action in reliance on it and you should delete it from
your system and
notify the sender immediately. Thank you.
Unless otherwise stated, any views or opinions expressed are solely those of
the author and do
not represent those of Vodafone New Zealand Limited.
Vodafone New Zealand Limited
20 Viaduct Harbour Avenue, Private Bag 92161, Auckland 1030
Telephone + 64 9 355 2000
Facsimile + 64 9 355 2001
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
