Gaia is an overlay of Linux, the file structure is Linux. To enter Linux environment you need to enter the expert mode.
From the documentation you must create manual proxy arp if you are doing manual static NAT.
You can add proxy arp in the following methods:
1. Use the Gaia portal.
2. Use the command line (in Gaia):
add arp proxy ipv4-address 172.16.0.8 interface eth0 real-ipv4-address 172.16.0.22
ipv4-address is the address after your internal server is translated, and this is the address that is known to the external users. You can either put in the mac address of the Checkpoint physical interface or just specify which interface will the DNAT be published. The
real-ipv4-address is the address of the Checkpoint interface. If an external user attempts to use the 172.16.0.8 server, the Checkpoint interface will answer the arp on behalf of its DNAT server.
3. Use the command line (in expert mode):
Login to expert mode –
expert Enter expert password: Warning! All configuration should be done through clish You are in expert mode now.
Then insert the information directly to
echo "172.16.0.8 00:0c:29:f1:b7:74 172.16.0.22" >> $FWDIR/conf/local.arp
4. Save the config. By typing
5. Use Smartdashboard to install policy to take the configuration into effect.
Save config in the command line only save the configuration but does not apply.
If you are using automatic NAT for some objects, you will have to merge the manual proxy arp with the automatic proxy arp. The file
local.arp is for manual proxy arp, if you do not merge Checkpoint will ignore the