Nokia DMZ setup problem!

[Matt Villion <mvillion () ddd com>]

Greetings,
 
I am having difficulties in the setting up of a DMZ on a Nokia IP330 box.
I have dug through the Nokia documentation relating to the task and it does
seem straight forward but I am encountering difficulties with it.
 
The Nokia has three interfaces, Internal External and DMZ.  
 
On the internal interface I have 192.168.0.8 thus connection to the LAN on
192.168.0.x
 
On the DMZ interface we have 192.168.1.8 and thus the the servers being on
192.168.1.x
 
On the external interface we have say x.x.35.156 which is connected to the
upstream router at x.x.35.155.
Our ISP also provided a range of other IP numbers to use which are not on
the same subnet.  (Bugger)
We got given x.x.36.1 to x.x.36.7.  The route is configured to listen out
for these addresses.
 
The configuration I need is for a couple of the x.x.36.x addresses to route
to the DMZ and one to pass through to the LAN.
To complicate matters I have a VPN connecting to and other office sitting on
the x.x.35.156 address.
 
To set this up I configured in Checkpoint the servers with an DMZ network
address and a external NATed address from the x.x.36.x range and for the
internal LAN mapping address I did the same.
 
x.x.36.1   -> 192.168.0.1
x.x.36.2   -> 192.168.1.1
x.x.36.3   -> 192.168.1.2
 
I added via command line an ARP entry as per the manual.  I also added the
static routing.
 
But nothing worked.  
When I added the x.x.36.x addresses as logical devices via the Voyager
interface it all works OK but the VPN will not survive a reboot.  After a
reboot I have to remove the x.x.36.x addresses from the logical interface
(The VPN then reconnects) and then I can add the x.x.36.x addresses back and
continue on my merry way.
 
Please if you can help I would be grateful.  
 
Thanks in Advance
 
Matt
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards