Checkpoint Firewall NG FP2 NAT tip
Results 1 to 3 of 3

Thread: Checkpoint Firewall NG FP2 NAT tip

  1. #1
    Junior Member
    Join Date
    Apr 2002
    Posts
    14

    Talking Checkpoint Firewall NG FP2 NAT tip

    Hiyee again people...
    Well..I found out a trick in making the NAT work. You know sometimes when you route add -p (addresses) and it just shows you incomplete in the router when you know that you have done everything right (configuring it in the Checkpoint Policy Editor for the objects and also doing the route add) ? You might want to try this. (on Win2K platform)
    1. Flush out all arp entries in your router.(if you are migrating from a PIX to checkpoint like what I was doing)
    2. Route the addresses in the OS. For my case it was done on win2K therefore I use the command route add -p <external> <internal>
    3. Open the network properties on the External card. Open the TCP/IP and at the bottom there is an advanced button. Click on it and key in all your External IP addresses that you have routed to.
    4. After you have done that. Refresh the arp in your router to see if it is able to get the IP and MAC address. If it is there. Then you're done.
    5. The extra IP's that you have specified can be taken out as you just want to register your MAC addreses in the ARP table of the external router.

    Hope this tip helps.


  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    or you can just create a static route for your NAT address space and set the default gateway as the firewall's external interface.

  3. #3
    Junior Member
    Join Date
    Apr 2002
    Posts
    14
    Hmm...Haven't tried that iNVicTus, Will try it out latter. Thanks for the additional tip.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •