Difference between revisions of "Setting Proxy ARP entries for Manual NATs"

From Tech-Wiki
Jump to: navigation, search
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
[[Category:Check Point]]
 
[[Category:Check Point]]
 +
'''[[Check Point#Gaia|Back to Gaia]]'''
 +
 
If your recently created manual NAT is not working, maybe you need to create manually proxy ARP entries.
 
If your recently created manual NAT is not working, maybe you need to create manually proxy ARP entries.
  
Line 7: Line 9:
  
 
  192.168.10.100 00:1C:7F:82:01:FE
 
  192.168.10.100 00:1C:7F:82:01:FE
 +
 +
After applying the policy, validate using:
 +
 +
fw ctl arp
 +
 +
The Equivalent of that using Gaia would be:
 +
 +
add arp proxy ipv4-address 192.168.10.100 interface eth0
 +
 +
And check with:
 +
 +
show arp proxy all

Latest revision as of 21:54, 9 August 2016

Back to Gaia

If your recently created manual NAT is not working, maybe you need to create manually proxy ARP entries.

To do so, edit the file $FWDIR/conf/local.arp (or in VSX environments $FWDIR/CTX/CTX000<VSID>/conf/local.arp)

The new line should look like this one below, where the MAC address should be the virtual MAC used by the security gateway on the incoming interface:

192.168.10.100 00:1C:7F:82:01:FE

After applying the policy, validate using:

fw ctl arp

The Equivalent of that using Gaia would be:

add arp proxy ipv4-address 192.168.10.100 interface eth0

And check with:

show arp proxy all