NETWORK PRESENCE

ABOUT

SERVICES

PRODUCTS

TRAINING

CONTACT US

SUPPORT

Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Answer: StaticNAT

To: "FW-1 Mailing List (E-Mail)" <[email protected]>
Subject: [FW1] Answer: StaticNAT
From: Arno Hechenberger <[email protected]>
Date: Thu, 14 Sep 2000 08:29:19 +0200
Sender: [email protected]

Look at Joe Di Pietro's static NAT cookbook.

At the second last page and at the last page (I think it's P15) there is a very detailed Packet manipulation diagram. If you can follow him (it's step by step explained) then you can see, that the way back to your host is not possible for internal hosts.

Arno

> -----Ursprüngliche Nachricht-----

> Von: [email protected]

> [mailto:[email protected]]Im Auftrag von

> Ing. Eduardo Frias T.

> Gesendet: Mittwoch, 13. September 2000 19:59

> An: [email protected]

> Betreff: [FW1] Static NAT question

>

>

>

>

> Hi.

>

> I have the following problem:

>

> I have an internal web server which I have to make available

> for external

> requests also. So I did static NAT

>

> The rulesI added:

>

>

> <32, 172.16.1.30, 172.16.1.30, FWXT_SRC_STATIC, 148.243.163.133, 0>,

> <33, 148.243.163.133, 148.243.163.133, FWXT_DST_STATIC,

> 172.16.1.30, 0>

>

> Besides that I also added two rules in my policy so I accept http

> connections from any place to the external IP address, and

> also put a rule

> in which I accept everithing from my web server (internal ip ) to any

> place.

>

> I added :

>

> route add 148.243.163.133 172.16.1.30

> and also added the arp entry.

>

> I make a probe and everything works, I can see my web server from any

> external machine

> but when I try to access the web server from any internal

> machine I do

> not get an answer I can only see the web server if I use the

> internal ip

> of the web server but

> if I use the external ip I don't get any response. In the

> logs I see the

> connection is accpeted but I don't get anything.

>

>

> What is happening???

>

> --

> Eduardo Frias

> [email protected]

>

>

>

>

> ==============================================================

> ==================

> To unsubscribe from this mailing list, please see the

> instructions at

> http://www.checkpoint.com/services/mailing.html

> ==============================================================

> ==================

>

Prev by Date: AW: [FW1] VPN going Up & Down
Next by Date: RE: [FW1] Web Hosting
Previous by thread: AW: [FW1] VPN going Up & Down
Next by thread: RE: [FW1] Answer: StaticNAT
Index(es):
- Date
- Thread

ABOUT

SERVICES

PRODUCTS

TRAINING

CONTACT US

SUPPORT

SITE MAP

LEGAL

All contents � 2003 Network Presence, LLC. All rights reserved.