Incoming traffic not getting in DNS server.

[krishnadivakar]

Hello evry one!!
i had problem while integrating LAN with WAN.
i use check point firewall on UNIX-AIX RS/6000 machine.
I have NATed my network with public IP's. My is Publisher networ not DMZ. i am able to get internet connection to all my local clients with NATing. The problem is DNS server is getting responding from outside. While tracing it's ip it getting traced till firewall ip and after that it is getting request timed out. All outing mails are properly being send to other sites but incoming mails to my mail server are not getting recived. remember all these are NATed to their respective IP's. My thinking with IP routing in UNIX-AIX firewall. Can anybody suggest the overcome the problem.

diva

 

[Piloria]

you havent said what version of CP you are using. i am assuming NG
some Service packs for this have problems with traceroute and ping so i wouldnt rely on this.

1st thing to check with NAT for public servers is to make sure you are using static NAT and not hide NAT.

 

[krishnadivakar]

hello piloria!!
Firstly thanks for your reply. My check point version is 4.1 . All my public servers are Static NAT.
One thing my is not a DMZ. we have a publisher network.
Local ip is NATed to Public IP.
For example: We had a DNS server and mail server which are given local ip's and is NATed with Public IP's at Check point. My DNS server is NATed to public ip which is registered in net.