local.arp Only Works with NAT

[BarryStiefel]

local.arp Only Works with NAT



Others have noticed that the proxy ARP mechanism in FireWall-1 on Windows using the local.arp file only works when there is at least one network address translation rule. If there are no NAT rules, then no proxy ARPs are issued. This is normally not a problem because proxy ARP is typically used together with NAT in order to allow the firewall to "capture" packets sent to the "virtual addresses". However, if you ever try to use proxy ARP for other reasons (like transparent routing) and you don't have any NAT rules, then you'll have problems.

The best way to do proxy arps on NT is with an external device, not relying on local.arp.

-- PhoneBoy - 11 Jan 2004

FAQForm FAQs.Class: FAQs.OS: OsWindows FAQs.Version: