×

Loading...
Ad by
  • 推荐 OXIO 加拿大高速网络,最低月费仅$40. 使用推荐码 RCR37MB 可获得一个月的免费服务
Ad by
  • 推荐 OXIO 加拿大高速网络,最低月费仅$40. 使用推荐码 RCR37MB 可获得一个月的免费服务

@Florida

Help needed about CheckPoint FW-1 NG R55, Thanks in advance:

eagle8888(firewall)
本文发表在 rolia.net 枫下论坛I configured Windows 2000 Server(machine A) as a router, machine B using A as the gateway, all was ok.
Then I installed CheckPoint to machine A, setup and installed rlue to enable all services from machine B.
Now I have the problem, I can visit external website from machine A, I can "ping" "tracert" external host from machine B, but I can't visit webpage using browser on machine B, no response come back. In CheckPoint Smartview Tracker, it shows accept http connection from B to external host, another log shows drop http connecion from B to external host, information "TCP packet out of state: First packet isn't SYN tcp_flags: FIN-ACK". If I turn off "Drop out of state TCP packets" in global properties, the second log message will no appear, but I still can't use machine B to visit external webpage.
One interesting thing: if from B, I use "telnet hostname 80" , and "GET ...", most time there is no response, some time I can get the http response and the html source.
Anybody can help me? Thank you very much!更多精彩文章及讨论,请光临枫下论坛 rolia.net
(#2094663@0)
Last Updated: 2005-1-26
This post has been archived. It cannot be replied.
Report

Replies, comments and Discussions:

  • 工作学习 / IT技术讨论 / Help needed about CheckPoint FW-1 NG R55, Thanks in advance: -eagle8888(firewall); 2005-1-26 {1043} (#2094663@0)
    本文发表在 rolia.net 枫下论坛I configured Windows 2000 Server(machine A) as a router, machine B using A as the gateway, all was ok.
    Then I installed CheckPoint to machine A, setup and installed rlue to enable all services from machine B.
    Now I have the problem, I can visit external website from machine A, I can "ping" "tracert" external host from machine B, but I can't visit webpage using browser on machine B, no response come back. In CheckPoint Smartview Tracker, it shows accept http connection from B to external host, another log shows drop http connecion from B to external host, information "TCP packet out of state: First packet isn't SYN tcp_flags: FIN-ACK". If I turn off "Drop out of state TCP packets" in global properties, the second log message will no appear, but I still can't use machine B to visit external webpage.
    One interesting thing: if from B, I use "telnet hostname 80" , and "GET ...", most time there is no response, some time I can get the http response and the html source.
    Anybody can help me? Thank you very much!更多精彩文章及讨论,请光临枫下论坛 rolia.net
    • any CheckPoint expert? -eagle8888(firewall); 2005-1-28 (#2098168@0)
    • i am not -buma(buma); 2005-1-28 {223} (#2098526@0)
      is ur win2000 have 2 ip on the same nic or 2 physical nics? I take assumption that u used 2 nics and with different static IP
      which nat service u r using, from check point? if so, is there any nat rules setup improperly.?
      • Thx. The NAT setting should be correct. -eagle8888(firewall); 2005-1-31 {112} (#2103024@0)
        all check boxes for NAT global properties are enabled as default. The internal network is hidden behind Gateway.

More Topics

  • 脑洞大开,突发奇想,用力来传播信息
  • 看大家讨论日语,俺也正在认真学习。其实语言问题应该是很快也很容易就解决的,可能比自动驾驶来的还快。TREK里面,全宇宙的人都在大脑里安装了UNIVERSAL TRANSLATOR,外星人之间相互交流无障碍。废话少说,看视频。。。加上个MIC和耳机,不同国家的人就可以无障碍交流。
  • 肉脸真有搞 IT 的?Linux 把俄国中国伊朗踢出去了好像肉脸 IT 没啥感觉似的
  • 请问web developer和software developer技术上有什么区别?
  • Elon Musk 带着川普总统奔向火星了。
    • 枫下论坛主坛工作学习IT技术讨论