July 14th, 2004 02:56 PM
Hi all, i've an annoying problem here...
I have here Nokia equipment with three interfaces. Until now every interface had its own address. Now i put a new adress in one of them so i have one physical interface that has one logical interface that has two (the new and the old one) addresses in different networks.
Now, in the same switch where this interface is connected and where hosts that have "old" net adresses are connected, i connect a host with an address of the "new" net. I configure (for testing purpses) a rule in the checkpoint that allow ICMP traffic between any hosts and setup this rule to log all the matches.
Ok, until now the scenario, i hope that you will be able to follow me even though my english
If I ping from new machine (the one in the new net) to the new address of the nokia interface, i get no reply, no matches showed in the log BUT i can see ICMP packets in nokia's tcpdump... Well, at this point i have no idea what's going on...
What do you think guys, some of you can help me?
July 14th, 2004 03:02 PM
Turn off the firewall and enable routing on the Nokia. If this works it's one (or more) of your firewall rules that's blocking it.
Don't forget the implied rules and/or the anti-spoofing filters!
Experience is something you don't get until just after you need it.
July 14th, 2004 03:30 PM
It was the spoofing filters... :P