Use FWXT_SRC_STATIC & FWXT_DST_STATIC..
At 09:07 AM 1/30/97 -0500, Mike Jones wrote:
>Ron Hardin writes...
>> I have a NT server sitting behind a FW-1 gateway. The group that is
>> responsible for the server wishes to permit FTP access. This host is
>> on a seperate enet segment off a quad port in my Sun host. NAT is
>> in force for all host behing the firewall.
>>
>> When a ftp session is initiated from the outside (say with Netscape)
>> the host is contacted, but the illegal IP (not xlated) and associated
>> port is passed back to the browser. Needless to say the ftp session
>> fails. Any suggestions where to look for the solution?
>
>I think the problem is the address translation mode. You're probably using
>FWXT_HIDE, which translates "on demand". I don't remember the name of
>the other mode, but you need to set up the address of the FTP server with
>a "fixed" translation.
>
> Mike Jones
> Sr. Network Computing Advisor
> UNIFIED Technologies
>
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Darwin L. Martinez Voice: 404-843-5954
Network Systems Engineer Pager: 888-346-1320
International Network Services Vmail: 770-641-4004
Atlanta Office Email: <mailto:darwin_martinez @
ins .
com>
http://www.ins.com
"Happiness is a belt-fed weapon."
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
