Do you have antispoofing? If you do, turn on the logging, see if there are any rejects on rule 0, immediately following the http request. Do you have a static route configured for the translated address? It should look like: route add -p <www_public_address> 192.168.0.156. This permanent static route MUST be configured on the Firewall machine for it to be able to forward the http request to the correct server. HTH Michael. -----Original Message----- From: Jeff Ensminger [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 23, 2001 2:39 AM To: '[EMAIL PROTECTED]' Subject: [FW1] fw-1 log shows accepted http request, but web page does not reso lve This may be a simple one for some. Perhaps I am overlooking the obvious. I have been all through Phoneboy's site already. On my NT webserver I have a site that can be accessed (internally) through an exclusive private ip of 192.168.0.156. In the arp file on the fw-1, I have the necessary entry for an exclusive public ip to the ext nic. I have created a network object to translate the public ip to the private one. I have created the necessary rules to allow for http service in and outbound with respect to the network object. But when I try to browse to the site from outside the fw-1 (by ip address), I receive a "page cannot be displayed" error, yet the log shows that translation DID OCCUR from one ip to the other and that access WAS granted, per the appropriate rules. What am I missing here? Any thoughts on this would be greatly appreciated! Jeff "Gus" Ensminger Network Administrator RGI Marketing Group, inc. Orlando, FL 407-339-7111 ext. 104 http://www.rgimarketing.com <<...OLE_Obj...>> ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
