I am using AIX, here is what I did.
/usr/sbin/arp -s ether <IP_Address_ext> 00:06:xx:xx:xx:xx pub >>$LOGFILE
2>&1
/usr/sbin/arp -a |grep permanent >>$LOGFILE 2>&1
/usr/sbin/route add <IP_Address_ext> <IP_Address_int> >>$LOGFILE 2>&1
Try doing this:
arp -s ether <IP_EXT> AdapterAddress pub
route add <IP_EXT> <IP_INT>
don't forget the Type which should probably be 'ether'
Joe
======================================================================
Joseph Voisin, Systems Administrator, Engel Canada Inc.
www.engelmachinery.com | [EMAIL PROTECTED] | (519)836-0220 x436
PGP Fingerprint: A20B 135D 0920 074F C7FE D72D 88A7 2521 5138 DFC2
======================================================================
> -----Original Message-----
> From: Carlos Infante [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 06, 2000 10:30 AM
> To: 'Jason Costomiris'
> Cc: [EMAIL PROTECTED]
> Subject: RE: [FW1] NAT problem
>
>
>
> Hello Jason,
>
> I've typed add -s,... but the problem isn't fixed
> The weird behaviour is that I can ping from the ftp server and with a
> sniffer I see the NATed address.
> Another issue is I can ping to the external IP address of the
> firewall i.e.
> 202.45.45.3 but I can't ping to the 202.45.45.4 that is the
> NATed IP address
> of the ftp server. (so the routing is working)
> If I try to make a ftp session in the logview I see the ftp
> session accepted
> to the valid address but the ftp doesn't work
>
> TIA
>
> Carlos
>
> -----Original Message-----
> From: Jason Costomiris [mailto:[EMAIL PROTECTED]]
> Sent: lunes, 06 de noviembre de 2000 14:24
> To: Carlos Infante
> Cc: [EMAIL PROTECTED]
> Subject: Re: [FW1] NAT problem
>
>
> On Mon, Nov 06, 2000 at 09:56:43AM +0100, Carlos Infante wrote:
> :
> : Hello all,
> : I have a problem with my NAT
> : I'm using a ftp server with a private address 10.x.x.x.
> because I want the
> : external users grant access to the machine I'm performing NAT with a
> : external IP in the subnet of the external interface of the
> firewall x.x.x.
> 4
> : for the firewall and x.x.x.5 for the NATed address of the
> ftp server.
> :
> : I added the next line in the cache arp of the firewall module.
> :
> : arp -d <ip NATed of the ftp server> <MAC address of the
> firewall> pub
>
> There's your problem right there.. You just deleted an arp entry.
> You want arp -s.
>
> Isn't it always the little things that get us? <g>
>
> --
> Jason Costomiris <>< | Technologist, geek, human.
> jcostom {at} jasons {dot} org | http://www.jasons.org/
> Quidquid latine dictum sit, altum viditur.
>
>
>
> ==============================================================
> ==================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
