I am currently implementing Hide Mode NAT on Checkpoint NG for my internal network and for the rules, I set these as follows:
Source            Destination  Service  Action
Firewall          Any          Any      Accept
Internal Network  Any          Any      Accept
Any               Any          Any      Drop
I also set up Add Automatic Address Translation rules for the Internal Network and Hide behind Firewall External interface IP.
(1) I tried to log on to the Firewall and go to the Internet, and it does not work, but in Windows 2000 Server, when I unchecked the Check Point VPN-1/FireWall-1 Service option under My Network Places\{Firewall Network Card Properties}, it works. I would think I already set up the policy for allowing the Firewall to go anywhere; I wonder why it cannot go to the Internet.
(2) Also, how can I troubleshoot these problems, as I have no way for the Internal Network to go outside? I tried to ping from the Firewall to the ISP gateway and it works, but when I tried to ping from the Firewall to Yahoo's IP, it results in Request timed out.
Any comment is appreciated!