RE: [FW1] HTTP Incoming Traffic Restriction based on pre-defined source IP address

[Thomas.Poole@FW1-NOSPAMgecits.ge.com]

NAT is practical.

I would assume that if this remote company has such a restriction, then all you have to do is give them the external IP address of your firewall If you are using hide mode NAT, then every host outside of your firewall looks the same.

 

Thomas Poole

-----Original Message-----
From: BY [mailto:bysoo@iprimus.com.au]
Sent: Wednesday, September 06, 2000 7:34 AM
To: Fw-1-Mailinglist
Subject: [FW1] HTTP Incoming Traffic Restriction based on pre-defined source IP address

Hi everyone here,

 

I am trying to understand how this restriction is being configured by a company A that apparently only allow the HTTP traffic to enter their network depending on the source of the IP address. Why would people do this in the first place anyway ? This consumes too much time to an administrator !  I guess I have shown how little I know about Security and Firewall here.

 

My company workstations are all using Private IP address and we have 1 Firewall Checkpoint machine with dual network card configured with 1 Private IP Address & another with 1 Public Internet Address that interface with the Internet world. Because of this Company A’s strict rule, they do not accept our private IP addresses. So is NAT the only method to resolve this issue ? But because all my staff (1500 machines) here do need access to this web site, is NAT still a practical approach ? I know I answer this myself but our Firewall is configured by an external vendor, not myself.

 

Thanks for your tips in advanced.

 

BY