Firewall and IP forwarding

gena

Hello. I am very new to all of this and I am not sure if these are even the
appropriate groups for this question... If not, I apologize in advance and
please feel free to point me in the right direction.

I am administering a small network with internal IP 192.168.0.0 (255.255.255.0).
My ISP installed an ADSL modem/router with internal IP 212.150.151.124.

The ultimate goal here is to install CheckPoint Firewall-1 on an NT4.0
server, which will be the gateway of my internal network. I have installed NT4.0
Server on the computer I want to use as the firewall (FW) with the following configuration:

1st NIC – External: IP 212.150.151.123
Subnet mask 255.255.255.248
Gateway 212.150.151.124 (internal IP of the router)

2nd NIC – Internal: IP 192.168.0.10
Subnet mask 255.255.255.0
Gateway left blank

The IP Forwarding box is currently checked (enabled).

From the FW I access the Internet without problems.

In the manuals it’s highly recommended to test the connection from the internal
LAN to the Internet through the firewall machine before installing FireWall.

So I connected a laptop with the following IP configuration to the internal
interface of the FW machine to test the connection from the inner LAN to the router.

IP 192.168.0.2
Subnet mask 255.255.255.0
Gateway 192.168.0.10 (internal IP of the FW machine)

From the client I successfully sent a ping to both the internal and external
interfaces of the FW machine (192.168.0.10 and 212.150.151.123), but when I
tried to send a ping to the internal interface of the router (212.150.151.124) it was
not successful, therefore:

1st question – do I need to define a static route on the FW machine, or will FireWall
take care of the routing by itself after installation?

Defining a static route, as it was written in the manual, did not solve the
problem. Furthermore, my client lost its connection to the external interface of the
FW machine (212.150.151.123).

Here is the main question: what subnet exactly must I make a static route for?
(And how?)

I did try some variations of static routes but with no result.

I even installed Win2K Server on the FW machine and enabled Internet Connection
Sharing and it worked perfectly – the client browsed the Internet freely. So I guess
there is some static route problem.

Another possibility is that my router drops packets from illegal IPs if
there is no NAT between the router and the client with the 192.168.0.2 address. That’s
why it did work with the W2K server, and does not work with the NT4.0 Server before
I install FireWall on it.



Please help me.

Thank you in advance

Gennady.
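
The setup described in the post, modelled as an added example (not part of the original post): a longest-prefix-match lookup over the FW machine's table and a router table, showing where the router sends its echo reply. The router's table is not shown in the post; the one here (connected /29 plus a default route to the ISP) is an assumption, as are the interface names and the `ping_router` helper. The NAT case corresponds to the Internet Connection Sharing test mentioned in the post.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match: return (interface, next_hop) for dst, or None."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(net), iface, hop)
            for net, iface, hop in table
            if addr in ipaddress.ip_network(net)]
    if not hits:
        return None
    _, iface, hop = max(hits, key=lambda h: h[0].prefixlen)
    return iface, hop

# Addresses taken from the post.
LAPTOP, FW_EXT, ROUTER = "192.168.0.2", "212.150.151.123", "212.150.151.124"

# FW machine with IP forwarding on: two connected subnets plus its default gateway.
FW_TABLE = [
    ("192.168.0.0/24", "internal", None),
    ("212.150.151.120/29", "external", None),   # 255.255.255.248
    ("0.0.0.0/0", "external", ROUTER),
]

# ASSUMPTION: the router only knows its connected /29 and a default route.
ROUTER_TABLE = [
    ("212.150.151.120/29", "lan", None),
    ("0.0.0.0/0", "wan", "isp"),
]
# Same router with a static route for the inner LAN via the FW's external IP.
ROUTER_WITH_ROUTE = ROUTER_TABLE + [("192.168.0.0/24", "lan", FW_EXT)]

def ping_router(router_table, nat_on_fw=False):
    """True if an echo request from the laptop to the router gets a reply back."""
    # Request: the FW must forward it out the interface that reaches the router.
    if lookup(FW_TABLE, ROUTER) != ("external", None):
        return False
    # Source address the router sees: FW's external IP with NAT, else the laptop.
    seen_src = FW_EXT if nat_on_fw else LAPTOP
    # Reply: it only comes back if the router sends it out its LAN side.
    iface, _ = lookup(router_table, seen_src)
    return iface == "lan"

if __name__ == "__main__":
    print("plain forwarding:     ", ping_router(ROUTER_TABLE))
    print("NAT on the FW machine:", ping_router(ROUTER_TABLE, nat_on_fw=True))
    print("route on the router:  ", ping_router(ROUTER_WITH_ROUTE))
```

Under these assumptions the request reaches the router in every case; what differs is whether the reply to 192.168.0.2 is sent back toward the FW machine or out the router's WAN side.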
 
