CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. Come to CPUG CON 2008 EUROPE in Switzerland on September 8th - 9th!
    Two days full of technical content for Check Point administrators in the beautiful Swiss Alps!
    We already have 72 attendees signed up from 20 countries!
2. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 10/6, 11/3, 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8, 7/6, 8/3, 9/7.
3. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
4. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 Platforms > Check Point SecurePlatform (SPLAT)
Reload this Page secure platform and ip forwarding
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2006-02-01
ld-runner ld-runner is offline
Junior Member
  
Join Date: 2006-02-01
Location: Canton, Mi
Posts: 4
Rep Power: 0
ld-runner has an average reputation (10+)
Send a message via MSN to ld-runner
Default secure platform and ip forwarding
on secure platform, does ip fprwarding need to be enabled to allow full outbound access for the internal network?
Do i need to echo "1" > /proc/sys/net/ipv4/ip_forward to get a InternalNet to Any rule to work?
Thanks.
Reply With Quote
  #2 (permalink)  
Old 2006-02-02
Lackie Lackie is offline
Senior Member
  
Join Date: 2005-08-22
Location: Ottawa, Canada
Posts: 347
Rep Power: 4
Lackie has an average reputation (10+)
Default Re: secure platform and ip forwarding
When you enable Check Point it should enable IP forwarding automatically. You shouldn't have to do anything for that.

If you are having a problem using the 'InternalNet' object, try creating a network object for your Internal Network. Also make sure that it's Natting to a public IP address.
Reply With Quote
  #3 (permalink)  
Old 2006-02-02
ld-runner ld-runner is offline
Junior Member
  
Join Date: 2006-02-01
Location: Canton, Mi
Posts: 4
Rep Power: 0
ld-runner has an average reputation (10+)
Send a message via MSN to ld-runner
Default Re: secure platform and ip forwarding
is natting it to the external interface of the FW required? I did not have to do that on NG SP3 running on NT4.0. All i had to do was enable ip forwarding on the tcp stack within NT.
Reply With Quote
  #4 (permalink)  
Old 2006-02-02
ld-runner ld-runner is offline
Junior Member
  
Join Date: 2006-02-01
Location: Canton, Mi
Posts: 4
Rep Power: 0
ld-runner has an average reputation (10+)
Send a message via MSN to ld-runner
Default Re: secure platform and ip forwarding
apparently, my problem was not with IP forwarding...i feel like a tool. It was becasue my internal client (192.168.1.195) was NAT'd to a real external IP address. That should be ok, except my other check point box (the one im upgrading) was still intercepting the ARP's from the new Checkpoint box and was bombing out. Doh.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 08:18.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0