Checkpoint doesn’t support Proxy-Arp???

Say whaaaatttt???????? Ok, so you have a Checkpoint firewall with a whole lotta NATed addresses. The router won’t find these NATed addresses though unless you go through a painful procedure to enable proxy-arp on the Checkpoint or you have to add static host entries to the router pointing to the interface IP on the Checkpoint.

What year is this because I seem be in the 90’s.

I know some people really love Checkpoint but every exposure I’ve had has left me scratching my head wondering if they could have done things any more atypically.

So yes, Checkpoint administrators, have no fear. The router jockeys will fix your broken crap again.

1 comment

  1. There are two ways … automatic NAT in the Nodeobjet creates a arp entry or if you dont like this you can create them by hand and merge them in the Firewallobject.

Leave a Reply

Your email address will not be published. Required fields are marked *