IP/NAT Problem 1

Status
Not open for further replies.

BlckJckFrnk

Technical User
Feb 20, 2002
83
US
I have the following hardware:
OldServer1 NT 4.0/Exchange 5.5 Static address 192.168.1.2
Newsever1 Win 2000/Exchange 5.5 Static address 192.168.1.18
Checkpoint 4.1

Here's the problem driving me nuts, and by the way, I’m a newbie to Check Point.
I’m changing my server box, so I’m trying to point my NAT address to the new static address in Check Point, but for some reason it will not reroute mail to the new server. Everything on the new server is running great, except incoming mail. I have to keep the old server running. My ISP is handling my DNS, and I was wondering if they have a setting that has the static address of the old server? I wouldn’t put it past them, or am I missing a setting somewhere in the new server? Any thoughts would be appreciated. Thanks %-)
 
Hi,

What OS is FW 4.1 running on?

Sounds to me as if you need to change your static route.

For instance, on NT open up a DOS window and type "Route Print". What routes are there?

Also on v 4.1 you need to manually add new addresses to the local.arp file.

Lou
 
Hey Lou......
Does that mean I have to make that change in my router for the static route?
Sorry if it sounds like class 101, but this is the first time I'm dealing with all this...
Thanks
 
Hi LongJohn,

No, not on the router. The change should be done on the device where Check Point is installed. Once again, I will ask, what OS/device is Check Point installed on?

First, with v4.1, CP was not smart enough to enter new NATs to the local.arp file on its own. Second, on a Windows NT server you needed to add static routes at the OS level. Third, you need to add the same static routes on the appliance (i.e. an intrusion.com device), if using one.

Lou
 
Hi,

Ok, the reply is same as above. Check the local.arp file, verify that the new private address is listed. Then open up a DOS window, type route print, verify that new Private IP is being routed to the NAT (Public Address). If not, delete the old route (old private to NAT) and add the new route.

I'm pretty sure that when you ping the Public IP from the outside your old server is still responding after you make the change. This is due to the fact that the route still points to it. Make these changes, then establish the NAT through Check Point, push the policy and try your ping test again. The new server should now respond.

Good Luck
Lou
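
The route check described in the post above, as an added example that is not part of the original thread: it parses `route print` output from the firewall host and reports whether the host route for the NAT address still points at the old server. The public address 203.0.113.10, the sample output and the function names are constructed assumptions; the two private addresses are the ones given in the first post.

```python
import re

# Constructed sample of `route print` output on the firewall host (not from the thread).
# 203.0.113.10 stands in for the public NAT address, which the thread never gives.
SAMPLE_ROUTE_PRINT = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      203.0.113.1      203.0.113.2       1
      192.168.1.0    255.255.255.0      192.168.1.1      192.168.1.1       1
      192.168.1.1  255.255.255.255        127.0.0.1        127.0.0.1       1
     203.0.113.10  255.255.255.255      192.168.1.2      192.168.1.1       1
"""

IP = r"(\d+(?:\.\d+){3})"
# destination, netmask, gateway, interface, metric
ROW = re.compile(rf"^\s*{IP}\s+{IP}\s+{IP}\s+{IP}\s+\d+\s*$")

def host_routes(route_print_text):
    """Return {destination: gateway} for every host route (mask 255.255.255.255)."""
    routes = {}
    for line in route_print_text.splitlines():
        m = ROW.match(line)
        if m and m.group(2) == "255.255.255.255":
            routes[m.group(1)] = m.group(3)
    return routes

def check_nat_route(route_print_text, public_ip, new_private, old_private):
    """Classify the host route for one static NAT address and suggest the fix."""
    add = f"route -p add {public_ip} mask 255.255.255.255 {new_private}"
    gateway = host_routes(route_print_text).get(public_ip)
    if gateway is None:
        return "missing", [add]
    if gateway == new_private:
        return "ok", []
    # Any other gateway must be removed first; the old server is the expected case.
    state = "stale" if gateway == old_private else "unexpected"
    return state, [f"route delete {public_ip}", add]

if __name__ == "__main__":
    state, fix = check_nat_route(SAMPLE_ROUTE_PRINT, "203.0.113.10",
                                 "192.168.1.18", "192.168.1.2")
    print(state)
    for command in fix:
        print("  " + command)
```
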
 
Thanks Lou..
Sounds like a plan and I love it when a plan comes together.
I'll give a try and let you know.....
 
Hey Lou....
Everything seems like it's coming into place, but I just have one more question.
How does the ARP entry go from static to dynamic? I've been trying to research it, but I've come up blank.
 
Hi again LongJohn,

Glad to hear that it's coming together, but I'm not sure what you're asking me about ARP entries going from static to dynamic. Can you elaborate?

Thanks
Lou

 