Solved

Checkpoint R65 Firewall Leased Line Configuration Issue

Posted on 2012-03-13
2
632 Views
Last Modified: 2012-08-13
I wont go into the weirdness we've had surrounding this connection until I need to but basically:

We have an UTM-1 272/274/278 box running Checkpoint R65

We have had a single ADSL line attached to the External interface for a long time now and all external facing services (Exchange, FTP, Citrix, Sharepoint etc) routed through this line.

We also had another ADSL line connected to the LAN1/Sync port which was (as stupid as it sounds) believed to be for the email but discovered that it wasnt even being used, merely configured to exist.

To ease our transition to the leased line, we were under the impression that we could swap out the redundant ADSL connection on the LAN1/Sync port and replace it with that of the newly aquired Leased Line.

We did this and configured it as we needed to, however, we are unable to get any traffic down this line - there are not even any logs for activity in SmartView Tracker.

We are able to ping the router from the Firewall so comms must exist, and we are able to tracert and ping to the first two IP's of the leased line. I wont go into details, but its on a xxx.xx.xxx.64/248 address range. Gateway is .65 (Cisco WS-C3560) and Firewall was assigned .66, with 67-70 to be assigned to the externally facing services. The router is not NAT enabled.

Internally, the routing works. If I connect my Filezilla FTP client to the external address, it connects but it going direct through the firewall and is never going outside. Externally the only addresses "pingable" are .64 and .65. .70, the IP of the FTP sire externally is configures for FTP and ICMP requests but returns nothing.

Any ideas?
0
Comment
Question by:ultra-it
2 Comments
 
LVL 14

Accepted Solution

by:
grimkin earned 500 total points
ID: 37719079
Hi,

Could you confirm:

* if you attach your laptop and give it the .66 address, everything works
* if you attach the firewall to the line with the ext interface set to .66 then no traffic goes down the line but you can ping the upstream router from the firewall
* you have a default route on the firewall pointing to .65

Thnx

G
0
 

Author Comment

by:ultra-it
ID: 37829546
Apologies for lack of reply on this one.

It turned out we everything was working fine, but because of the two lines configured as they were, the ping and service requests were going down one line and back through the other.

never thought to use it, but using ISP redundancy resolved the issue.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Watchguard Firewall Setup 3 68
Sharepoint 2013 won't open, even in safe mode 26 84
Firewall blocking images 4 36
SharePoint List Calculated Field 4 20
Pimping Sharepoint 2007 without Server-Side Code Part 1 One of my biggest frustrations with Sharepoint 2007 in the corporate world is that while good-intentioned managers lock down the more interesting capabilities of Sharepoint programming in…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Concerto provides fully managed cloud services and the expertise to provide an easy and reliable route to the cloud. Our best-in-class solutions help you address the toughest IT challenges, find new efficiencies and deliver the best application expe…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now