FW1 - NAT hide problem

From: Andy Davis (andyat_private)
Date: Sat Oct 30 1999 - 10:38:44 PDT

Next message: Technical Incursion Countermeasures: "Re: Lightweight standalones? WAS: BlackIce Defender???"

Previous message: Steven M. Bellovin: "Re: Hackers and gateway systems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is a multi-part message in MIME format.

------=_NextPart_000_0004_01BF2305.FE946550
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi I hope someone can help me with this problem:

I've just installed FW1 on an NT box, it has two interfaces - an ISDN =
RAS connection to the Internet and a ethernet connect to an internal =
network containing a Linux box. I've been trying to set it up so that =
the internal addresses 192.168.10.x are hidden by the external address =
(valid address) of the firewall.

Please could someone explain in simple terms how to configure this =
setup. Currently when I ping from the linux box to the Internet the =
echo-request packet reaches the firewall as I can see it appear on the =
log but the echo-reply never appears. Also whenever I boot my NT box the =
MAC address of the RAS interface changes (I presume because it's not a =
real physical interface - it this the problem?

Thanks in advance,

Andy Davis.

------=_NextPart_000_0004_01BF2305.FE946550
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 HTML//EN">
<HTML>
<HEAD>

<META content=3Dtext/html;charset=3Diso-8859-1 =
http-equiv=3DContent-Type>
<META content=3D'"MSHTML 4.72.3110.7"' name=3DGENERATOR>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT color=3D#000000 size=3D2>Hi I hope someone can help me with =
this=20
problem:</FONT></DIV>
<DIV><FONT color=3D#000000 size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT color=3D#000000 size=3D2>I've just installed FW1 on an NT =
box, it has two=20
interfaces - an ISDN RAS connection to the Internet and a ethernet =
connect to an=20
internal network containing a Linux box. I've been trying to set it up =
so that=20
the internal addresses 192.168.10.x are hidden by the external address =
(valid=20
address) of the firewall.</FONT></DIV>
<DIV><FONT color=3D#000000 size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT color=3D#000000 size=3D2>Please could someone explain in =
simple terms how=20
to configure this setup. Currently when I ping from the linux box to the =

Internet the echo-request packet reaches the firewall as I can see it =
appear on=20
the log but the echo-reply never appears. Also whenever I boot my NT box =
the MAC=20
address of the RAS interface changes (I presume because it's not a real =
physical=20
interface - it this the problem?</FONT></DIV>
<DIV><FONT color=3D#000000 size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT color=3D#000000 size=3D2>Thanks in advance,</FONT></DIV>
<DIV><FONT color=3D#000000 size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT color=3D#000000 size=3D2>Andy =
Davis.</FONT></DIV></BODY></HTML>

------=_NextPart_000_0004_01BF2305.FE946550--

Next message: Technical Incursion Countermeasures: "Re: Lightweight standalones? WAS: BlackIce Defender???"
Previous message: Steven M. Bellovin: "Re: Hackers and gateway systems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:46:33 PDT