Nortel Alteon 5409

**halod** · 2007-01-31

Hi all ,

Here at my site we are having ASF 5409 with Checkpoint AI R55. We were using a standalone checkpoint server as a firewall before and last day we tried to migrated to ASF platform. The issue we are facing is with NATing.

He the site is having multipile locations connected through WAN. some locations are having servers which are nated and hosted to public from the main site.

Here at the main site we are using 172.16.8.0/21 network. There are servers hosted from this network also. that servers are getting Nated connected and is accessable from public.

When it comes to another server hosted from 172.16.200.0/21 it is not geting NATed in the ASF. we aer not getting any errors though. but the server is visible to public.

previoulsy with the Checkpoint standalone server this setup was working fine.

Here in ASF we have configured the first port (LAN Segment) with 172.16.9.1 as the VRRIP with a subnet mask of 255.255.248.0.

For a temporary solution we changed the subnet mask of the first port to 255.255.0.0 and it started working. but customer is not satisfied with this solution,. he want it to happen from the /21 mask. can anyone help me ..

**halod** · 2007-01-31

and one more issue is there,.. we are not able to see any logs of the traffic through the ASF in the Smart Tracker. the only logs we are seeing in that is the traffic from Management server to ASF box.

**halod** · 2007-03-10

Hi all ..

The problem is solved. Wht i did was taking the backup of the configuration of the Checkpoint and reinstalled the server and put it back. After putting the configuration i re-established the SIC and Logs start comming into the smart Center.

For the subnet issue, i have made a network grouo will all the WAN range (;ie 172.16.0.0 / 16 ). then this group has been said as the network behind the Internal interface and voila .. it started working ..