NAT failures

["Janz, George" <gjanz () anteon com>]

I am running checkpoint 4.1 sp2 on Nokias and checkpoint 4.1 sp3 on NT
FIrewalls.  Sice upgrading to this level, we experience address translation
failures.  

The Firewalls are running along fine and then someone reports that their
network (a 10Dot address space, hidden behind the extermal interface
address) is unable to browse the Internet.  

Also a Statically translated host that is availble for pop3 or http access
will suddenly become unaccessible.

These two situations do not occur together, generally it is one or the
other.  The problem is gotten around by either pushing another policy.  In
some cases this does not fix the problem.  WHen pushing a policy alone fails
to correct it, we have to 'fw unload localhost' 'Fwstop' and then delete the
state tables.

then issue an FWSTART.

has anyone experienced this ?


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards