Connectivity issue with new nokia 380

[genlee]

I am new to ipso so sorry if this is a dumb question(all of my firewalls currently run solaris), I did search but could not find any answers to this. It seems the only way I can connect(ssh, https) to the 380 is if my client is on the same network. Is there an option somewhere to allow connections from different subnets? With tcpdump, I see it establish a connection but then the 380 just stops responding(I can telnet to 80 but get no response afterwards). I tried this with a 2nd 380 and same problem. No checkpoint services were running at the time.

[Lackie]

Quote:

Originally Posted by genlee

I am new to ipso so sorry if this is a dumb question(all of my firewalls currently run solaris), I did search but could not find any answers to this. It seems the only way I can connect(ssh, https) to the 380 is if my client is on the same network. Is there an option somewhere to allow connections from different subnets? With tcpdump, I see it establish a connection but then the 380 just stops responding(I can telnet to 80 but get no response afterwards). I tried this with a 2nd 380 and same problem. No checkpoint services were running at the time.

If you are trying this from an internal network that isn't directly connected to the Nokia, you will need to add in a static route on the Nokia to tell it how to get back to the distant network.

If it's from the external you are trying, check your default route.

[ScottRD]

If this is not simply a routing issue,a s suggested by Lackie, it is likely because IP Forwarding is disabled. Hwne the Check Point product is installed but not turned on, the defauly baheviour of the Nokia is to NOT forward between the interfaces. Try the following from the command line prompt:

ipsofwd on admin