you'll never get this to work using dynamic nat. gauntlet is supposed to be
able to do this but it won't happen. the only way you'll be able to do this
is with static nat.
cheers.
----- Original Message -----
From: John Alexander <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, October 24, 2000 4:20 PM
Subject: ICMP and Gauntlet 5.0
> I'm running Gauntlet 5.0 on NT. Dynamic nat from a non-routable
> to a single external I.P. address.
>
> I have packet filtering passing icmp echo just fine for outbound
> pings and returning the echos, but tracert doesn't return the hops.
> I know that this is a matter of the responding IP (with ttl expired) is
> not the original destination, but how do I get the firewall to pass
> these through to the originator of the tracert?
>
> Bet it's really simple, too.
>
> John Alexander
> Silver Spring, MD
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
