
Originally Posted by Bob_Zimmerman
As far as I am aware, 'fw unloadlocal' should not stop routing.
I think the confusion happens because it unloads the whole policy, which includes NAT. Thus, any inbound NATs from public IPs to internal servers, and any outbound NATs from internal workstations to the Internet all stop. This creates the appearance of routing no longer functioning. Very, very few people use public IPs everywhere, so stopping NAT may as well be stopping routing in most environments.
Side-note: I have actually seen more people using public IPs they don't own internally than I have seen people using public IPs they do own internally.