[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] How do fw-1 count internal host?




Hi 
thank you for answering

Your answer make to think what happens when the following configuration:
  
External
   |
   |  202.211.200.31/27 -Global IP
 ------
|  fw  |
 ------
   |  Internal
   |  172.16.0.0/16 -Private IP
   |---------|-------|--------|---------|  
 ------   ------   ------   ------   ------
| dns  | | cln1 | | cln2 | |  lp  | | proxy|
 ------   ------   ------   ------   ------
                                        |  192.168.3.0/24
                                     ------
                                    | cln3 | 
                                     ------                    


 -Configuration----------------------------------------------------
dns=DNS                            
cln1=client1                       
cln2=client2                       
cln3=client3  
  (dns&cln* get trouth and go to external)
proxy=proxy server 
 (cln get through fw with proxy external IP Address as source IP )      
lp=print server
 (this doesn't get throuht and go to external but do broadcast    
because this conect only client)  
 -------------------------------------------------------------------

At this time, doesn't FW recognize "lp" ?
and doesn't FW recognize "cln3" having proxy ip as source ip?


Takashi Kouda
     From Japan

> Hi, 
> the FW-1 counts the ip-address that get through it. 


> > 
> > Hi
> > 
> > The License what I have get from CheckPoint is Internet Gateway /25
> > 
> > But, I had a doubt.
> > 
> > Why does FW-1 know the number of the running internal host under itself?
> > 
> > With the expectation, I think it broadcast (to get arp).
> > 
> > However, there is no conclusive evidence and theory.
> > 
> > Please answer me If there is someone which is familiar wiht this doubt.
> > 
> > 
> > Takashi Kouda  
> >           From Japan
> > 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================