This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
ganeshan_dharm1
Participant
‎2017-12-04 04:42 PM

NAT not working even after manual proxy arp enabled on R 77.30


enabled hide nat . source is a group object ( 5 sub networks are members). when I capture the traffic on perimeter router I don't see the response. I get "incomplete" for the sh IP arp command on perimeter router.

Manual proxy enabled . still the same issue

0 Kudos
6 Replies
Timothy_Hall
MVP Gold
MVP Gold
‎2017-12-04 07:10 PM

If the hiding address does not show up in the output of command fw ctl arp you did not add the manual proxy ARP correctly; see sk30197.  If it does show up in the output of fw ctl arp make sure clustering is disabled under cpconfig (assuming of course it is just a single firewall and not part of a cluster).  If the firewall is part of a cluster, make sure it is in an active state with cphaprob stat.

--
My Book "Max Power: Check Point Firewall Performance Optimization"
Second Edition Coming Soon

Gaia 4.18 (R82) Immersion Tips, Tricks, & Best Practices Video Course
Now Available at https://shadowpeak.com/gaia4-18-immersion-course
0 Kudos
ganeshan_dharm1
Participant
‎2017-12-04 08:36 PM
In response to Timothy_Hall

This is cluttered setup and I enabled the manual proxy arp already.and the firewall also in the active state.What could be other reasons?

0 Kudos
Marco_Valenti
Advisor
‎2017-12-05 12:00 AM
In response to ganeshan_dharm1

be sure that in global properties under nat section merge with local proxy arp is flagged

0 Kudos
Norbert_Bohusch
Advisor
‎2017-12-05 01:11 AM
In response to ganeshan_dharm1

as Tim Hall wrote: make sure to check that the NAT IP you use for hide operation is shown when issueing the command "fw ctl arp"

Gaurav_Pandya
Advisor
‎2017-12-05 02:16 AM

Hi,

Capture data with fw monitor where you will find the NAT operation is happening or not with i,I,o,O and finally capture the data with tcpdump.

0 Kudos
Juan_Concepcion
Advisor
‎2017-12-05 10:28 AM

Is the address space your using associated with the external interface of your firewall??

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events