Get hold of a copy of PFE32. It beats edit and notepad, and its free.
Steve
-----Original Message-----
From: [EMAIL PROTECTED]
Sent: Sat, 15 Jul 2000 20:13:22 -0400
To: [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: RE: [FW1] Local.arp file
true. file associations on NT suck! ALWAYS use edit\
Thomas poole
-----Original Message-----
From: eric [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 14, 2000 10:49 PM
To: 'Aaron Wheeler'; 'Fw-1-Mailinglist (E-mail)'
Subject: RE: [FW1] Local.arp file
Aaron,
If you use notepad it will cause problems. I have experienced these issues
in the past, using dos edit should alleviate this.
eric.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
Aaron Wheeler
Sent: Tuesday, July 11, 2000 8:05 PM
To: Fw-1-Mailinglist (E-mail)
Cc: 'eric'
Subject: RE: [FW1] Local.arp file
Eric,
Thanks for the tips on local.arp files.
I have been having problems with the static arp entries on a NT FW-1 install
I am doing for a customer. I have created a local.arp file containing
entries for all the Internet Servers, but it doesn't seem to take affect. If
I manually add the arp entries in NT using the "arp -s" command, the
firewall starts working correctly, but these entries are deleted on reboot.
I think I may have been editing the arp file using notepad, so this may have
been my problem, however I have differing information concerning the
location of the local.arp file. The most common one is:
%SystemRoot%/fw/state/local.arp
Is this the correct location?
Thanks in advance,
Aaron.
-----Original Message-----
From: eric [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 5 July 2000 5:58
To: John Qian; 'Flavio Muscetra'
Cc: Fw-1-Mailinglist (E-mail)
Subject: RE: [FW1] Local.arp file
When you create the local.arp don't forget to do it from dos edit. notepad
screws these up. and press tab between the ip and external mac.
eric.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of John
Qian
Sent: Monday, July 03, 2000 1:11 PM
To: 'Flavio Muscetra'
Cc: Fw-1-Mailinglist (E-mail)
Subject: RE: [FW1] Local.arp file
Hi Flavio,
Why not trying to reverse the order of route entry in local.arp ?
like:
A.B.C.z pp-cc-gg-hh-kk
John Qian
-----Original Message-----
From: Flavio Muscetra [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 03, 2000 9:32 AM
To: Julian Bain
Cc: Fw-1-Mailinglist (E-mail)
Subject: Re: [FW1] Local.arp file
----- Original Message -----
From: Julian Bain <mailto:[EMAIL PROTECTED]>
To: 'Flavio Muscetra' <mailto:[EMAIL PROTECTED]>
Cc: Fw-1-Mailinglist <mailto:[EMAIL PROTECTED]>
(E-mail)
Sent: Monday, July 03, 2000 6:23 PM
Subject: RE: [FW1] Local.arp file
You also need a static route in the NT box directing packets back to the web
server. Use route add -p command:
route add -p A.B.C.z 10.10.11.x
Also, to enable your proxy arp entry you must stop and start the firewall
Julian Bain
I have yet this configuration but it doesn't work. Is it mandatory to set
something on the router (static route)?
Thanks,
Flavio
-----Original Message-----
From: Flavio Muscetra [ mailto:[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]> ]
Sent: Monday, July 03, 2000 11:00 AM
To: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
Subject: [FW1] Local.arp file
Importance: High
I'm configuring a FW-1 4.0 (SP5) on a NT box 4.0 SP6a with 3 adapters:
* one is external A.B.C.0/24
* one is for DMZ 10.10.11.0/24
* one is for the internal LAN 10.10.10.0/24.
The DMZ and the internal LAN are private nets.
I've a web-server on DMZ (10.10.11.x) with aa-bb-cc-dd-ee MAC address.
This web server is known in internet with A.B.C.z address.
The external interface of the firewall is A.B.C.y with MAC pp-cc-gg-hh-kk
To reach the webserver i put in the local.arp file the following line:
pp-cc-gg-hh-kk A.B.C.z
It doesn't work! Anyone one knows if there's a bug in the FW-1 proxy arp?
Or maybe I made a mistake?
Thanks in advance,
Flavio
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
___________________________________________________________________________
Visit http://www.visto.com/info, your free web-based communications center.
Visto.com. Life on the Dot.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
