Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Port Address Translation

To: [email protected]
Subject: [FW1] Port Address Translation
From: Shawn Chandler <[email protected]>
Date: Fri, 29 Sep 2000 17:46:05 -0400
Sender: [email protected]

Hey guys...

I'm curious if anyone else has run into this same situation.  Basically what
I'm looking to do is have a mail server that is positioned behind a FW-1 4.0
server answer on port 25 (smtp) only, however on the outside of the firewall
it will answer on the SMTP port for both ports 25 and another TCP port (999).
The mail server is currently setup to do automatic NAT in the firewall and
works just fine.  I've tried adding a NAT entry at the top of my stack stating:

Source   Dest         port   Xlated Source   Xlated Dest  Xlated Port
Any      Mail Server   25       Original     Mail server   999

I've also added a corresponding rule that in my ruleset that permits any
source to talk my mail server on port 999.

When I attempt to telnet to port 999 of the mail server from the outside I
see a permit in the log show up, however the TCP session never gets
established.  I'd put a sniffer on the line, but it is at a remote facility.

Any ideas what I might be doing wrong?  Any info would be greatly
appreciated.  TIA!

Shawn

================================================================================
    To unsubscribe from this mailing list, please see the instructions at
              http://www.checkpoint.com/services/mailing.html
================================================================================

Follow-Ups:
- Re: [FW1] Port Address Translation
  - From: Jason Costomiris <[email protected]>

Prev by Date: Re: [FW1] Securing routers faq and site RFC
Next by Date: [FW1] Re:
Previous by thread: Re: [FW1] Securing routers faq and site RFC
Next by thread: Re: [FW1] Port Address Translation
Index(es):
- Date
- Thread