Hi, Just a simple one I hope... To simplify the description, lets say I have an FW-1 on a NOKIA with two user interfaces (ethernet) enabled. I have a workstation attached to the lan on each interface and I install a policy with no "clean-up" rule. Instead the last rule is "any any any accept". I have set "ipsofwd on" at the Nokia level. (I thought FW-1 allowed forwarding and tat it was just the Nokia that needed to be forced to allow this ?)
And yet I cannot ping from one workstation to the other ! The "Allow ICMP" option in the "Policy properties" only inserts an "any any ICMP accept" rule anyway (?), so my "allow-any" rule should cover that. The routing/default gateway's on the workstations just points to the local interface on each. So what is stopping the ping ??? Any suggestions would be gratefully received ! Cheers, Gordon _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
