Hi,
Our class C address is subnet as follows, subnet 0 is not used, subnet 1 is
the DMZ, subnet 2 is used for NATing internal users on a 10.x.x.x network to
legal addresses, and subnet 3 is dirty side of the firewall.
0 x.x.x.1 - x.x.x.62 Not Used
1 x.x.x.65 - x.x.x.126 DMZ
2 x.x.x.129 - x.x.x.190 NATed address range used for
internal PCs
3 x.x.x.193 - x.x.x.254 Dirty side of firewall
Which subnet is used for NATing external addresses to internal hosts? I have
tried using subnet 2 range; the firewall logs :-
external ip address legal external address of host telnet
accept on rule 800
external ip address illegal internal address of host
telnet accept on rule 800
legal external address
of host external ip address
telnet drop on rule 0
First I thought I was not getting a connection because of spoofing I turned
spoofing off (or I thought I did) but it made not a jot of different. I have
no problem on the internal pcs going out to the internet. Just coming the
other way from the internet to internal net.
Anybody any pointers? Had a look at phoneboy tried messing with local.arp
Cheers Gary
*******************************************************************************************************
Any opinions expressed in the email are those of the individual and not necessarily the
City Of Salford. This email and any files transmitted with it are confidential and
solely for the use of the intended recipient.
It may contain material protected by solicitor-client privilege. If you are not the
intended recipient or the person responsible for delivering to the intended recipient,
be advised that you have received this email in error and that any use is strictly
prohibited. If you have received this email in error please notify the IT manager by
telephone on +44 (0) 1617933906.
********************************************************************************************************
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
