Racking my brain, hope someone can help.
I have recently installed 2x IP350's with IPSO 3.7 and NG AI. I have configured Nokia clustering with a separate control network (dual port 10/100 card). I am also using all four built-in interfaces: 1x internal, 1x External, 1x DMZ (private), 1x DMZ (public). In addition I have a 2000 box running as a policy server on the Public DMZ.
I have licensed all components successfully through smart update (no issues there) and I am in the process of configuring the rule base. My problem, which I believe to be NAT related, goes like this-
I have set up a rule to allow myself to telnet to the internet router on the external side of the firewall. Pretty basic rule. Myself(internal)-->Internet router-->telnet install to cluster. Log says the telnet data is being accepted but I do not get a telnet session. I also have a Proxy server on the public DMZ and I have set up a rule to allow http proxy access from internal to the DMZ and then from the proxy to the internet.
Basically I think it is NAT related but I don't know! I have my DFG's on all clients set to the cluster (virtual) IP addresses on their corresponding interfaces.
I have also unloaded the policy and enabled ipsofwd on and I still can't get traffic through my firewalls.
Funny thing is though that I can quite successfully install the policy to the Policy server which is on the Public DMZ. Go figure.
Any help would be great. The problem more than likely lies between the user and the keyboard, but hey! I'm stumped!
FB