Re:

["jsg" <jgerrits () enteract com>]

Are you using static nat for your mail server?  You will need to use a one
to one translation for anything that needs to come in.  Hide is just for a
many to one translation.

If your mailserver object is setup properly then you will need make sure
that you have a local.arp in the following directory:
c:\winnt\fw\state\local.arp
Include the ip address and mac address of the external interface of the
firewall.
Also check that your route is setup properly:
route -p add external address internal address

Your rulebase should be:
any    mail_server    smtp    accept
mail_server    any    smtp    accept

----- Original Message -----
From: Todd Mera <tmera () pacbell net>
To: <owner-firewall-wizards () lists nfr net>
Sent: Friday, January 14, 2000 9:39 AM


> I have a checkpoint firewall (FW-1 v4.0) running on NT4 with service pack
4.
> I setup the persistent routes and the network objects on the internal and
> external side of my network.  I am trying to get the firewall to reroute
> (remap) mail and web traffic to my internal machines.  The internal
network
> objects have NAT selected.  My users can get out but no mail comes in even
> after setting up the rules.  What's up?
>
> Rupert the Monkey Boy

__________________________________________
NetZero - Defenders of the Free World
Get your FREE Internet Access and Email at
http://www.netzero.net/download/index.html