Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Nokia routing problem

Status
Not open for further replies.
tabularasa

tabularasa

Technical User
Sep 20, 2002
65
US
Ok, i think i have the problem isolated.

I have a nokia 530 with 4 interfaces.

4 interfaces

10.10.0.0/24 LAN
63.x.x.x WAN1
65.x.x.x WAN2
10.10.1.0/24 DMZ

The 530 can go anywhere. Can ping, tracert, nslookup anything.

however, from behind the LAN segment no TCP connections can be formed. I can ping yahoo, i can nslookup yahoo, though i can not get to yahoo.

i have the default route set up to the 65.x.x.x router.

i can traceroute to IP addresses on the 65 subnet, but no further. IE, tracert yahoo.com :

10ms 10.10.0.240
* * * *
* * * *

i can ping the DNS servers, but not tracert to them.

Thanks in advance! Help!!
 
Sort by date Sort by votes
What address is the trace coming from? Is is another LAN segment separate from the 10.10.0.0 /24 LAN or is the trace coming from a machine on that LAN?

Your trace seems to hit the firewall so I would presume that you would be getting a log entry if the firewall is dropping the traffic. Have you checked the logs?

Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************
 
Upvote 0 Downvote
if you are using a windows tracert then the problem lies with checkpoint.
i know of no-one who has managed to get a windows tracert successfuly through the firewall. this was a topic discussed on phoneboys site for a while with no resolution. it seems to be a quirk of NG
 
Upvote 0 Downvote
You guys are the best. Thanks for the quick responses.

The trace is coming from 10.10.0.110. i can trace succesfully through the firewall to the router. IE: 10.10.0.110 ---> 10.10.0.240 ---> 65.x.x.x

though if i try to go anywhere else i can not. I can not get on the internet. I can ping yahoo.com, i can NSlookup yahoo, but i can not get there.

All of this is before i push the policy. I did a fw unloadlocal before i did all of this. So, i know its a nokia issue. So when i try to hit a web page, it resolves DNS, then stops. In the log it shows that it accepts domain from the firewall to the name server.

When i did push the policy to see if there was a NAT issue,
In the log it shows nothing out of the ordinary. It denies something to the router on 63.x.x.x, which explains why i cant ping it. (but thats a whole other issue) and it shows being denied trying to get to microsoft and aol.

Send me you emails and i will send you the log.

thanks!

Ryan
 
Upvote 0 Downvote
i wont be back on until monday but if you send the log to alltsec@yahoo.co.uk

is it possible to see a screenshot of the policy? and the translation policy
 
Upvote 0 Downvote
Piloria,

The policy is uninstalled. Does that mean the NAT is also not installed?

 
Upvote 0 Downvote
if no policy is installed i beleve that also means nat is not installed

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Modem80
  • Locked
  • Question
Novice SonicOS user, need routing help
Replies
2
Views
141
Modem80
Modem80
ITSUPPORTIT
  • Locked
  • Question
VPN from ASA 5510 and RV215W problem
Replies
0
Views
143
ITSUPPORTIT
ITSUPPORTIT
wrighbr1
  • Locked
  • Question
Cisco ASA 5505 site to site VPN problem
Replies
0
Views
122
wrighbr1
wrighbr1
mattbarkerlfc
  • Locked
  • Question
Checkpoint 2200 subnet overlap problem
Replies
0
Views
123
mattbarkerlfc
mattbarkerlfc
sebd44
  • Locked
  • Question
sonicwall statistics problem
Replies
0
Views
125
sebd44
sebd44

Part and Inventory Search

Sponsor

Back
Top