-
November 8th, 2002, 06:29 PM
#1
Member
CheckPoint FireWall1 NG routing between cards
Folks,
Im trying to get my firewall to route traffic between interfaces, i dont seem to be able to do this although if i tell the rule to use NAT it works fine. The address internally is valid and it can ping the ip address of the external interface but no further. Any thoughts
Cheers,
Paul
-
November 9th, 2002, 12:30 AM
#2
I have a checkpoint FW. I need to know a little more about your configuration. What interfaces do you have set up? What rules do you have created? Do you have your gateway configured in your IP setup? Do you have ICMP turned off? Have you turned on full logging? What do the logs indicate?
Any additional info would help.
Work... Some days it's just not worth chewing through the restraints...
-
November 9th, 2002, 05:03 PM
#3
Member
mmelby,
The firewall has 2 IP interfaces, there are two rules allowing traffic to and from machines inside with full logging and no protocol restrictions (for testing) from inside you can ping the internal interface of the firewall and the external interface but no further. ICMP is allowed in the policy properties so that is not an issue. from outside you can ping both interfaces of the firewall but no further through. if i enable NAT for one machine object and allow it to use the firewall gateway IP address this works fine from inside so i think i am missing a routing rule somewhere. the FW1 software is running on Checkpoint Secure Server (FP2)
Paul
-
November 10th, 2002, 04:38 AM
#4
Junior Member
you also might want to try a static route
-
November 11th, 2002, 04:48 PM
#5
Originally posted here by haguec
you also might want to try a static route
Definately....add a static (default) route on your firewall.
-
November 11th, 2002, 05:31 PM
#6
I am not familiar with Checkpoint Secure Server. Does it run on NT or W2k. If it does then yes you need to add a static route in the OS not in FW1.
Work... Some days it's just not worth chewing through the restraints...
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|