Correction: Rob Thomas correctly pointed out that RFC1918 address spaces
can rout on the Internet as there is no magic that stops them. Most savvy
ISP's will prevent this though. Nonetheless, a trace could travel some
distance before being null routed.
The main point was that if, without the aid of a VPN, you try to route 1918
addresses on the Internet you will have problems.
Sorry for any confusion.
Rob Cryan
Solutions Integration Manager
infinitespace.com
Two Westborough Business Park
Westborough, MA 01581
Office: 508.870.4714
-----Original Message-----
From: Rob Cryan
Sent: Friday, June 30, 2000 10:31 AM
To: 'Richard Ellerbrock';
[EMAIL PROTECTED]
Subject: RE: [FW1] Private address space
There is no reason that any valid address space will not pass
through FW1.
I have implemented several firewalls on NT, Nokia and Solaris most
using
some variation of RFC 1918 addressing with no problem. There are
some
restrictions such as, the fact that this space and the others in
1918 won't
route on the Internet.
This begs the obvious questions: Where are you trying to go (route
to)?
From? What does the routing table look like? Is the firewall
passing
traffic for other networks? What does the rule base look like?
What are you trying for a test?
Rob Cryan
Solutions Integration Manager
infinitespace.com
Two Westborough Business Park
Westborough, MA 01581
Office: 508.870.4714
-----Original Message-----
From: Richard Ellerbrock [SMTP:[EMAIL PROTECTED]]
Sent: Friday, June 30, 2000 10:03 AM
To: [EMAIL PROTECTED]
Subject: [FW1] Private address space
Is there any reason why firewall-1 will not pass private
address
space in the range of 172.16-172.31 through the firewall (FW1
4.0sp5 on
Solaris 2.6). Nothing is logged in the log and the routing table is
100%.
The firewall is running gated ospf and there is no NAT configured.
--
Richard Ellerbrock
[EMAIL PROTECTED]
============================================================================
====
To unsubscribe from this mailing list, please see the
instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
============================================================================
====
To unsubscribe from this mailing list, please see the
instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
