Check Point VPN-1/FireWall-1

(Manual) NAT and Microsoft Windows 2000 Server

AERAsec Network Services and Security GmbH

 

Platform:  Check Point Enforcement Point on Microsoft Windows 2000 Server
Product: Check Point Next Generation and 4.x
Problem: Configuring NAT under Windows 2000 gives problems, when the file local.arp is needed.
This file is located in $FWDIR\state\ in 4.x, in NG it's located in $FWDIR\conf\. Even if the file is at the right location , the ARP-Proxy doesn't work correctly. This happens also, when the content of this file ( <translated IP> <M-A-C of external FW-NIC>) is correct.
Workaround/Fix:

The problem is reasoned by the non-function of the ARP-Proxy under MS Windows 2000, not reasoned by Check Point.
To configure ARP correctly, Check Point had published the program fwparp.exe. To get this program please contact your valuable support partner. If this doesn't help, please contact us. Using this program, the ARP configuration works as wanted. Please remember to put it (configured as .bat) into Autostart, because after a Reboot the ARP-cache will be cleared.

 

No warranty at all, your Feedback is welcome!
© 2002-2010 AERAsec Network Services and Security GmbH, last change 2010-05-28
back to http://www.vpn-1.de/aerasec/