Patrick,

local.arp on NT boxes is only needed if your connected devices (hosts, routers)
use Proxy ARP for determining the next hop.
If you have configured host routes for the virtual IPs on your devices pointing
to the primary IP address of the FW NIC, you can forget local.arp.

Olaf



From: Patrick Baird <[EMAIL PROTECTED]>  on 27/07/2000 21:45 GMT
To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
cc: (bcc: Olaf Breil/MUC/AMADEUS)
Subject: [FW1] Local.arp








Should you place the MAC address of network objects that are not used by the
external interface?

NT 4.0 SP6a, FW - 1, 4.1

Example:

     Machine A (DMZ)
     Machine B (DMZ)

I am setting a rule for say, ftp so

A -> B ftp accept long gateways any

Does the local.arp matter in this case?

thanks!

Patrick D. Baird
Senior Solutions Developer - MCSE
mVest Technology Solutions, Inc.
1700 Paoli Pike
Malvern, PA 19355
Wk:  610-407-0100 x305
Cl:   610-745-1839



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================




