Hi,
the location of local.arp file must be on $FWDIR\state directory
the syntax of local.arp is
111.222.333.444 AA-BB-CC-DD-EE-FF if your are running NT platform
111.222.333.444 AA:BB:CC:DD:EE:FF if your are running Unix platform
Regards
Hoang Ha
-----Original Message-----
From: Frank Darden <[EMAIL PROTECTED]>
To: 'Aaron Wheeler' <[EMAIL PROTECTED]>; Fw-1-Mailinglist
(E-mail) <[EMAIL PROTECTED]>
Cc: 'eric' <[EMAIL PROTECTED]>
Date: Wednesday, July 12, 2000 8:45 AM
Subject: RE: [FW1] Local.arp file
>
>I suspect the syntax of your local.arp to be wrong
>
>
>#1 local.arp should be created in the $FWDIR\conf directory (where $FWDIR
is
>the dir that you installed FW-1 in eg: c:\winnt\fw\conf)
>
>#2 The syntax is
>111.222.333.444 AA:BB:CC:DD:EE:FF
>
>Please be sure to use colons instead of dashes. This is the #1 cause of
>local.arp failures
>
>Frank
>
>-----Original Message-----
>From: Aaron Wheeler [mailto:[EMAIL PROTECTED]]
>Sent: Tuesday, July 11, 2000 8:05 PM
>To: Fw-1-Mailinglist (E-mail)
>Cc: 'eric'
>Subject: RE: [FW1] Local.arp file
>
>
>
>Eric,
>Thanks for the tips on local.arp files.
>
>I have been having problems with the static arp entries on a NT FW-1
install
>I am doing for a customer. I have created a local.arp file containing
>entries for all the Internet Servers, but it doesn't seem to take affect.
If
>I manually add the arp entries in NT using the "arp -s" command, the
>firewall starts working correctly, but these entries are deleted on reboot.
>
>I think I may have been editing the arp file using notepad, so this may
have
>been my problem, however I have differing information concerning the
>location of the local.arp file. The most common one is:
>
>%SystemRoot%/fw/state/local.arp
>
>Is this the correct location?
>
>Thanks in advance,
>Aaron.
>
>-----Original Message-----
>From: eric [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, 5 July 2000 5:58
>To: John Qian; 'Flavio Muscetra'
>Cc: Fw-1-Mailinglist (E-mail)
>Subject: RE: [FW1] Local.arp file
>
>
>When you create the local.arp don't forget to do it from dos edit. notepad
>screws these up. and press tab between the ip and external mac.
>
>eric.
>
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]On Behalf Of John
>Qian
>Sent: Monday, July 03, 2000 1:11 PM
>To: 'Flavio Muscetra'
>Cc: Fw-1-Mailinglist (E-mail)
>Subject: RE: [FW1] Local.arp file
>
>
>Hi Flavio,
>Why not trying to reverse the order of route entry in local.arp ?
>like:
>
>A.B.C.z pp-cc-gg-hh-kk
>
>John Qian
> -----Original Message-----
>From: Flavio Muscetra [mailto:[EMAIL PROTECTED]]
>Sent: Monday, July 03, 2000 9:32 AM
>To: Julian Bain
>Cc: Fw-1-Mailinglist (E-mail)
>Subject: Re: [FW1] Local.arp file
>
>
>
>
>
>----- Original Message -----
>From: Julian Bain <mailto:[EMAIL PROTECTED]>
>To: 'Flavio Muscetra' <mailto:[EMAIL PROTECTED]>
>Cc: Fw-1-Mailinglist <mailto:[EMAIL PROTECTED]>
>(E-mail)
>Sent: Monday, July 03, 2000 6:23 PM
>Subject: RE: [FW1] Local.arp file
>
>You also need a static route in the NT box directing packets back to the
web
>server. Use route add -p command:
>route add -p A.B.C.z 10.10.11.x
>Also, to enable your proxy arp entry you must stop and start the firewall
>
>Julian Bain
>
>I have yet this configuration but it doesn't work. Is it mandatory to set
>something on the router (static route)?
>
>Thanks,
>
>Flavio
>
>
>
>-----Original Message-----
>From: Flavio Muscetra [ mailto:[EMAIL PROTECTED]
><mailto:[EMAIL PROTECTED]> ]
>Sent: Monday, July 03, 2000 11:00 AM
>To: [EMAIL PROTECTED]
><mailto:[EMAIL PROTECTED]>
>Subject: [FW1] Local.arp file
>Importance: High
>
>
>I'm configuring a FW-1 4.0 (SP5) on a NT box 4.0 SP6a with 3 adapters:
>
>* one is external A.B.C.0/24
>* one is for DMZ 10.10.11.0/24
>* one is for the internal LAN 10.10.10.0/24.
>The DMZ and the internal LAN are private nets.
>
>I've a web-server on DMZ (10.10.11.x) with aa-bb-cc-dd-ee MAC address.
>This web server is known in internet with A.B.C.z address.
>The external interface of the firewall is A.B.C.y with MAC pp-cc-gg-hh-kk
>To reach the webserver i put in the local.arp file the following line:
>
>pp-cc-gg-hh-kk A.B.C.z
>
>It doesn't work! Anyone one knows if there's a bug in the FW-1 proxy arp?
>Or maybe I made a mistake?
>
>Thanks in advance,
>
>Flavio
>
>
>
>
>
>===========================================================================
=
>====
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>===========================================================================
=
>====
>
>
>===========================================================================
=====
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>===========================================================================
=====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
