-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
<xlatedIP> <press tab> <ExtMacofFirewall>
as I remember.
eric.
On Thu, 07 September 2000, Jim Brown wrote:
>
>
> I think the documentation is wrong. If I am not mistaken it is
> actually IP then MAC.
>
> -----Original Message-----
> From: Jason Witty [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 07, 2000 8:24 AM
> To: Rick Camp
> Cc: 'Bill McCabe'; [EMAIL PROTECTED]
> Subject: Re: [FW1] local.arp changes still not picked up
>
>
>
> Your local.arp file is backwards. It should be in the format (I
> thnk the FAQ listed it worng, as I just got this out of the CP
> books):
>
> <MAC ADDR> <IP ADDR>
>
> Not the other way around. Change it, reboot, you should be cool.
>
> Jason
>
>
> Rick Camp wrote:
> >
> > Bill,
> >
> > I ran into this problem about a year ago with an NT 4.0 firewall.
> > I am
> not
> > sure as to the cause, but I did find a work around.
> >
> > We were using a Cisco 2524 router and by clearing the arp tables,
> > it would then pick up the new information from the local.arp
> > file. I believe the commands are show arp to look at the table
> > and clear arp to clear it out
> and
> > you must be in enable mode on a Cisco router to clear the arp
> > table.
> Maybe
> > someone with more router experience can confirm if I am
> > remembering the correct commands.
> >
> > If you can't telnet into your router you could try powering it
> > off and
> back
> > on, but I don't know if that will solve the problem, and I don't
> > know if
> you
> > are in a situation where you can down your router.
> >
> > I hope this helps.
> >
> > Rick
> >
> > _______________________________________
> > Rick Camp
> > Welsh Consulting
> > 31 Milk Street, Suite 805
> > Boston, MA 02109
> > 617-695-9800 Tel
> > 617-695-0350 Fax
> > [EMAIL PROTECTED]
> > www.welsh.com
> >
> > -----Original Message-----
> > From: Bill McCabe [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, September 06, 2000 10:54 PM
> > To: [EMAIL PROTECTED]
> > Subject: [FW1] local.arp changes still not picked up
> >
> > Sadly, the new proxy ARP entries still didn't take after a
> > fwstop/start, and even a reboot. The old one still works fine.
> > The network objects and rules are patterned identically to the
> > working one, which was set up according to the instructions in
> > the Phoneboy FAQ. I clearly must be missing something, unless it
> > has to do with the limitations of Windows NT 4.0 Workstation, or
> > the fact that the internal NIC is Token Ring. Any suggestions or
> > leads would be greatly appreciated.
> >
> > Bill
> >
> > At 1:16 PM -0400 9/6/00, Bill McCabe wrote:
> > >Thanks for all the replies. I will bounce the firewall when I
> > >get the
> green
> > >light from above. I couldn't remember whether I had restarted
> > >the FW service last June when I added the prior static mapping.
> > >Since the
> Phoneboy
> > >FAQ says:
> > >
> > >
> > >>In Windows NT, the 'arp' command will not function in this
> > >>manner.
> Version
> > >>2.1c and later of FireWall-1 will do the proxy arps for you.
> > >>You must create a file called %SystemRoot%\fw\state\local.arp
> > >>(case matters!), which is formated as follows:
> > >>
> > >>translated_ip_address mac_address
> > >>
> > >>In the example above, this file would contain:
> > >>
> > >>206.99.98.50 08-00-20-76-ea-77
> > >>
> > >>Once you've set this file up, you will need to re-install the
> > >>current rulebase.
> > >
> > >
> > >I was hesitant to restart it for no reason. I naturally assumed
> > >I had
> made
> > >an error somewhere.
> > >
> > >
> > >Bill
> > >
> > >
> > >
> > >
> >
> >===================================================================
> >========
> > ====
> > >=
> > > To unsubscribe from this mailing list, please see the
> > > instructions
> at
> > > http://www.checkpoint.com/services/mailing.html
> >
> >===================================================================
> >========
> > ====
> > >=
> >
> >
> ====================================================================
> ========
> > ====
> > To unsubscribe from this mailing list, please see the
> > instructions at
> > http://www.checkpoint.com/services/mailing.html
> >
> ====================================================================
> ========
> > ====
> >
> >
> ====================================================================
> ======== ====
> > To unsubscribe from this mailing list, please see the
> > instructions at
> > http://www.checkpoint.com/services/mailing.html
> >
> ====================================================================
> ======== ====
>
>
> ====================================================================
> ======== ====
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ====================================================================
> ======== ====
>
>
> ====================================================================
> ============
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
======================================================================
==========
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBObe5PhcEgL9uyUb5EQK4WACeJwBnbExJChA+mR/m0+co4hGfyuIAoNwN
LcRm2SM4WYB7kU0Suax5tCkV
=ZxE9
-----END PGP SIGNATURE-----
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
