Hi, I am pulling my hair out over the following problem:
I have installed Checkpoint NG Firewall on a Windows 2000 machine. I have set it up in a test scenario with the following setup:
Checkpoint NG FP3 firewall on Windows 2000 with 3 network cards, each with the following IP addresses:
1. 10.34.100.20
2. 10.21.71.254
3. 10.21.72.254
In terms of the problem I am facing, I am only using network cards 2 and 3.
I have got 2 test servers: one directly connected to the 10.21.71.254 network card with the IP address 10.21.71.51, which I shall call DATA SERVER, and the other server directly connected to the 10.21.72.254 network card with the IP address 10.21.72.50, which I shall call COMMS SERVER.
I have set up in the firewall rules that all traffic can pass from the COMMS SERVER to the DATA SERVER. This works fine, as I can ping the DATA SERVER from the COMMS SERVER and vice versa.
However, I need the COMMS SERVER to sit behind a NAT address, so I have introduced an imaginary node in Checkpoint with the IP address 10.12.1.1. I have set it up so that all traffic sent to 10.12.1.1 is NAT'd to the DATA SERVER (10.21.71.51). I have set this up with a static NAT on the imaginary node that I created in Checkpoint. I have also set a persistent route in the routing table as follows: 10.12.1.1 mask 255.255.255.255 10.21.71.51. This is where my problem lies: when I ping 10.12.1.1 from the COMMS SERVER (I have installed Ethereal on the DATA SERVER), I can see the ping reaching the server; however, I don't think the ping is able to reply, as I keep getting a request timed out when I ping 10.12.1.1 from the COMMS SERVER. I have also set up the rules saying that any traffic to the COMMS NAT ADDRESS can pass to the DATA SERVER and any traffic from the DATA SERVER can pass to the COMMS SERVER.
Please, if anyone knows what I might be doing wrong, please let me know. Thanks...