Does it work with the firewall OFF? That way you can determine if it is an
OS problem or a FW1 problem.
Mark
At 06:15 PM 8/8/00 , you wrote:
>I'm having a nightmare of a time getting up and running with Firewall 1 on
>Linux 6.1. I have a triple homed Linux box that I want to use as a gateway
>for our Internal Net as well as the DMZ net. I am including the output of
>the `ifconfig -a` and `netstat -nr` commands. I have an All_Permit policy
>installed and pretty much everything is enabled in the Policy/Properties
>window. I can ping hosts in all the three nets from the firewall but cannot
>ping through the firewall. For example I can ping our router to the internet
>- 204.5.211.254 from the firewall but not from any host in the internal
>invalid nets 172.16.2.0 or 172.16.1.0.
>I figured it was an ip_forwarding issue so I configured Firewall-1 to never
>handle ip_forwarding and enabled ip_forwarding at the os level (set
>/proc/sys/net/ipv4/ip_forward to 1). No luck again.
>I've also considered the fact that the packet may be reaching 204.5.211.254
>but the replies are not reaching the internal hosts. But then 204.5.211.254
>and 204.5.211.253 (external interface on the firewall that the internal nets
>are hiding behind) are on the same net 204.5.211.224 and can see each other
>fine.
>
>Does anyone have any suggestions. I'll greatly appreciate the help.
>
><snip>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
