Do you have ICMP allowed through your firewall ?
If you have then can you ping a.b.c.d from the firewall ?
If not then check the routing from the firewall to a.b.c.d
If yes then did you publish the MAC for w.x.y.z on the external network ?
If not do it
If yes then do you have a host specific route on the firewall that says
destination w.x.y.z gateway (either a.b.c.d or the router that is on the
internal side).
If all the above has been doen and you still cannot ping check your NAT
are you NATing when any packets come to the firewall at w.x.y.z or just
http, https packets.
In case you are NATing for only http/https packets then you will not be able
to ping.
If you have the services in Original packets set to "ANY" and services in
translated packets
set to "Original" then you will be able to ping.
Why would you want to ping the webserver anyway ? Allow ICMP just for
testing and when the
webserver is accessable from outside through the NATed address then disable
ICMP and also
narrow down the NAT to only those services that you require on the
webserver.
Preet
> -----Original Message-----
> From: Tika Mahata [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, June 19, 2000 7:41 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: [FW1] NAT and Internet Connection
>
>
> Hi,
>
> My application server(i.p=a.b.c.d) is hidden with
> static NAT ( valid i.p=w.x.y.z).Then I cannot ping the
> w.x.y.z, so how can I access my application server
> from internet?
> Pls give me some idea about it.
>
> Thanks
> Tika
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Send instant messages with Yahoo! Messenger.
> http://im.yahoo.com/
>
>
> ==========================================================================
> ======
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ======
***********************************************************************
Bear Stearns is not responsible for any recommendation, solicitation,
offer or agreement or any information about any transaction, customer
account or account activity contained in this communication.
***********************************************************************
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
