Sorry if this is a dumb question. My firewall isn't routing; shouldn't it be?
I have a Sun 220R running Solaris 2.6 w/patches and FW-1 4.1 w/service packs.
I have a policy installed of: any any any allow short.
This is my network layout:
                 [143 subnet]
                       |
                       |
                       |
[144 subnet]---[internal router]---[     fw      ]---[external router]
               [ 123.123.143.1 ]   [ 123.123.1.4 ]    [ 123.123.1.1 ]
               [ 123.123.2.1   ]   [ 123.123.2.4 ]
               [ 123.123.145.1 ]   [123.123.146.1]
               [ 123.123.144.1 ]          |
                       |                  |
                       |                  |
                       |                  |
                 [145 subnet]       [146 subnet]
-the internal router has a default gateway of 2.4 (the firewall's IP)
-the fw has a default gateway of 1.1 (the external router's IP)
-this is the routing table on the firewall:
123.123.2.0     123.123.2.4     U    2  3     qfe2
123.123.1.0     123.123.1.4     U    2  3     qfe3
123.123.146.0   123.123.146.1   U    2  3     qfe1
192.168.118.0   192.168.118.1   U    3  4     hme0
224.0.0.0       192.168.118.1   U    3  0     hme0
default         123.123.1.1     UG   0  2235
127.0.0.1       127.0.0.1       UH   0  8170  lo0
The problem is, I can't communicate from internal clients, on the 144 for instance, to
the external router or to the 146 subnet. Do I need to create routes on the fw for
the 144, 145 and 146 subnets? Or should the fw software be doing that? What
configuration do I need to set? If I create a route on the fw, for the 146 for
instance, then it works, but it seems wrong. Is it?
--Paul
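
How a longest-prefix lookup over the routing table posted above resolves addresses on each subnet, as an added example that is not part of the original post. The /24 prefix lengths (the posted output shows no netmask), the sample host addresses, the hypothetical static route and the function names are assumptions.

```python
import ipaddress

# Unicast routes copied from the posted table (multicast and loopback omitted).
# Assumption: every network is a /24; the posted output has no netmask column.
POSTED_ROUTES = [
    ("123.123.2.0/24",   "123.123.2.4",   "qfe2"),
    ("123.123.1.0/24",   "123.123.1.4",   "qfe3"),
    ("123.123.146.0/24", "123.123.146.1", "qfe1"),
    ("192.168.118.0/24", "192.168.118.1", "hme0"),
    ("0.0.0.0/0",        "123.123.1.1",   None),  # default (UG), no interface shown
]

# Hypothetical static route: the 144 subnet via the internal router's
# address on the firewall-facing network, as drawn in the diagram.
HYPOTHETICAL_STATIC = ("123.123.144.0/24", "123.123.2.1", "qfe2")


def lookup(dest, routes=POSTED_ROUTES):
    """Return (network, gateway, interface) for the longest matching prefix."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, gateway, ifname in routes:
        network = ipaddress.ip_network(prefix)
        if addr in network and (best is None or network.prefixlen > best[0].prefixlen):
            best = (network, gateway, ifname)
    return best


def next_hop(dest, routes=POSTED_ROUTES):
    """Gateway the firewall would use for dest, or None if nothing matches."""
    match = lookup(dest, routes)
    return match[1] if match else None


if __name__ == "__main__":
    # Constructed sample hosts, one per subnet of interest.
    for host in ("123.123.144.10", "123.123.146.20", "123.123.1.1"):
        print(host, "->", next_hop(host))
    fixed = POSTED_ROUTES + [HYPOTHETICAL_STATIC]
    print("with static route:", next_hop("123.123.144.10", fixed))
```

Under these assumptions an address on the 144 subnet matches only the default route, so the firewall's next hop for it is the external router rather than the internal router; with the hypothetical static route present, the next hop becomes 123.123.2.1.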