-----Original Message-----
From: Rob Michayluk [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 22, 2000 2:53 PM
To: [EMAIL PROTECTED]
Subject: [FW1] NAT and DMZ routingHi there,
I am having a problem with the DMZ setup that I am trying to implement and I hope to borrow some of everyone's expertise to help me solve this.
I have a FW-1 4.1 sp2 running on a Winnt 4.0 sp5 box. It has 3 interfaces:
External: Routable Address
Internal: 192.168.0.1 (255.255.255.0) (Hide NAT to the external address of the firewall)
DMZ: 172.16.0.1 (255.255.0.0)I have a web server in the DMZ (172.16.0.5) and it's NATed to a static routable address.
I can hit the web server from both the firewall itself and the internal network but I cannot access it from the internet.The ruleset is any any any accept and I don't see any drops or rejects in the logs at all. I've turned on every scrap of logging I could find. I've created an entry in the local.arp file (translated address to external MAC of the firewall) and added a persistent static route from the translated address to the internal address for the web server.
Is there something that I'm totally missing?
All help is greatly appreciated!
Rob Michayluk
Computing Network Services
ACD Systems Ltd.
[EMAIL PROTECTED]
Title: NAT and DMZ routing
two
things.
1) is
anti-spoofing setup correctly (how is the connection being
dropped?)
2) do
you have a rule in place for your natted host??
Thomas
Poole
- [FW1] NAT and DMZ routing Rob Michayluk
- Re: [FW1] NAT and DMZ routing Carl E. Mankinen
- RE: [FW1] NAT and DMZ routing Rob Michayluk
- Re: [FW1] NAT and DMZ routing Carl E. Mankinen
- RE: [FW1] NAT and DMZ routing Hal Dorsman
- RE: [FW1] NAT and DMZ routing Thomas . Poole
- RE: [FW1] NAT and DMZ routing Murphy, Paul
