Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 917 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Proxy ARP+DMZ machines don't see Public Lan

jmgarcia
Hi. I have a network 172.20.68.0 with netmask 255.255.252.0. My DMZ network is the 172.20.70.224/255.255.255.240 (It be in the same network that the public address). The ASL machine has the ip 172.20.70.1 in eth0, and 172.20.70.238 in eth1. I activate the proxy arp in eth0, and machines from network 172.20.68/22 see the DMZ machines with this feature, but the machines inside the DMZ can't see the machines in the other network. I has a Checkpoint Firewall 1 with this network configuration, and all runs ok. I think that i must use NAT to make that DMZ machines go into public LAN , but i don't know how. Any one can help me?. Regards  

172.20.70.224/255.255.255.240-----DMZ----eth1---

172.20.68.0/255.255.252.0-----eth0(Proxy arp)---ASL MACHINE
                                                                         
    


This thread was automatically locked due to age.
  • 0
    You don't need Proxy ARP for private subnets.  You have millions to choose from and can subnet and route internally as you wish.  Just set-up the desired rules between the nets.   Of course each interface needs to be on a different subnet and different physical net (hub whatever).