John Chen @ ALLIANCE CAPITAL
06-04-97 09:29 AM
Be aware of hte NAT for which interface or both, for your problem, define
outsite interface will be better.
sleiman @ gestronic.ch on 04/06/97 07:53:38
To: fw-1-mailinglist @ us.checkpoint.com, firewalls @ GreatCircle.COM
cc: (bcc: John Chen/New York/ACMC)
Subject: Address Translation with Firewall 2.1 on Solaris 2.5.1
Hello,
I defined address translation on a firewall gateway as fellow:
193.246.62.140 193.246.62.140 DST_STATIC
195.176.150.10
195.176.150.10 195.176.150.10 SRC_STATIC
193.246.62.140
I add with arp -s 195.176.150.10 ehternet_address of the machine
193.246.62.10 PUB.
I also defines staic routes to 193.246.62.140 using the internal
interface of the firewall.
route add 195.176.150.10 Ipaddress of the internal interface
193.246.62.2
The internal interface has 193.246.62.2 as IP address.
The external interface has 195.176.150.2 as IP address This address in
registered address.
the class 195.176.150.0 is a registeres class
the class 193.246.62.0 is not a registered address.
Adresses are samples and not reality.
The problem: i am not able to ping the translated address 195.176.150.10
from the internet and from the inside and from the gateway itself.
Could someone tell me what is wrong ?
Another question: where we should define address translation.
How to load address translation table ( xlate.conf ) ? DO we have to
lunch a command to load address translation configuration ?
is static routes are correct ?
Best regards
Raymond Sleiman
|
|
