RE: [FW1] Strange NT Routing Issue

Wed, 14 Jun 2000 06:28:21 -0700 



Did you try pinging the systems individually. Say by creating a script and
ping all
devices on the x.x.60.0 network from x.x.60.1->254, I am sure that you will
get
response for all of them if the system on the x.x.60.0 network has proper
routes
back to the x.x.61.0 network.

I dont know why but I have seen that you dont always get response from all
systems
when you ping the subnet or network  or the broadcast of that subnet or
network.

If the ping to individual workstations gives a reply then I would not worry
much.
Yes I would be curious to know why some workstations reply while others
dont.

Preet


> -----Original Message-----
> From: Eric Eskam [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, June 13, 2000 2:41 PM
> To:   [EMAIL PROTECTED]
> Subject:      [FW1] Strange NT Routing Issue
> 
> 
> 
> Situation:
> 
> FW not installed yet - trying to get routing up.
> 
> All packets leave all subnets on internal network for external network
> with
> no problems.
> Not all packets come in from outside to internal network.
> In fact, a darn strange pattern of internal IP addresses can be pinged
> from
> the outside.
> IP space is a class A subnetted 255.255.255.0 - pretty standard.
> 
> All Interfaces on the FW computer are pingable inside and out (ie. on a
> computer on the internal net I can ping all the cards - ditto for the
> external side of things, on a separate computer I can ping all the cards)
> 
> External FW interface is x.x.61.1
> Internal FW Interface is x.x.60.252
> External router (GW to internet) is x.x.61.1
> Internal router (GW to subnets) is x.x.60.253
> Additional subnetwork x.x.63.0 is reachable via x.x.60.253
> 
> When I ping from external (computer on the x.x.61.0 network, not from the
> firewall) to the entire x.x.60.0 network these are the responses I get:
> 
> x.x.60.13
> x.x.60.179
> x.x.60.201
> x.x.60.220
> x.x.60.242
> x.x.60.243
> x.x.60.244
> x.x.60.246
> x.x.60.249
> x.x.60.252
> 
> If I do a ping sweep of the Internal network from the internal network
> (either computer on internal network or the FW computer itself) I get over
> 120 responses (yes, I know it's an overly large and flat network but it's
> not mine)
> 
> NT route table:
> 
> C:\>route print
> ==========================================================================
> =
> Interface List
> 0x1 ........................... MS TCP Loopback interface
> 0x2 ...00 90 27 xx xx xx ...... Intel(R) PRO Adapter
> 0x3 ...00 90 27 xx xx xx ...... Intel(R) PRO Adapter
> 0x4 ...00 90 27 xx xx xx ...... Intel(R) PRO Adapter
> ==========================================================================
> =
> ==========================================================================
> =
> Active Routes:
> Network Destination        Netmask          Gateway       Interface
> Metric
>           0.0.0.0          0.0.0.0        x.x.61.1           x.x.61.2
> 1
>          10.0.0.0        255.0.0.0         10.0.0.1        10.0.0.1
> 1
>          10.0.0.1  255.255.255.255        127.0.0.1       127.0.0.1
> 1
>         127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1
> 1
>         x.x.60.0    255.255.255.0       x.x.60.252      x.x.60.252       1
>        x.x.60.252  255.255.255.255        127.0.0.1       127.0.0.1
> 1
>          x.x.61.0    255.255.255.0         x.x.61.2        x.x.61.2
> 1
>          x.x.61.2  255.255.255.255        127.0.0.1       127.0.0.1
> 1
>          x.x.63.0    255.255.255.0       x.x.60.253      x.x.60.252
> 1
>       x.x.255.255  255.255.255.255         x.x.61.2        x.x.61.2
> 1
>         224.0.0.0        224.0.0.0         10.0.0.1        10.0.0.1
> 1
>         224.0.0.0        224.0.0.0       x.x.60.252      x.x.60.252
> 1
>         224.0.0.0        224.0.0.0         x.x.61.2        x.x.61.2
> 1
>   255.255.255.255  255.255.255.255         x.x.61.2        x.x.61.2
> 1
> ==========================================================================
> =
> 
> I'm either missing something extremely silly or am doing something above
> drastically wrong - it seems fairly straight forward to me - but ???
> 
> We had problems with original ethernet adaptors they wanted to use and had
> to change them out to what you see listed here, plus this machine has
> service pack 6a on it - I think I am going to blow away NT and start over
> -
> with just service pack 4 since that is all I can verify that is supported
> for use with CP at this time.
> 
> Any other ideas?
> 
> Eric
> 
> 
> 
> ==========================================================================
> ======
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ======
> .
> 
> 
> 
> ==========================================================================
> ======
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ======


***********************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, 
offer or agreement or any information about any transaction, customer 
account or account activity contained in this communication.
***********************************************************************



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to