Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Hiding multiple servers behind 1 IP address

To: [email protected], [email protected]
Subject: Re: [FW1] Hiding multiple servers behind 1 IP address
From: "Really Boring" <[email protected]>
Date: Thu, 05 Oct 2000 15:05:20 EDT
Cc: [email protected]
Sender: [email protected]

Not quite - hide NAT only works if the traffic is originating from the "hidden" servers. Todd is trying to have 2 servers share the same IP address for traffic originating from the Internet, not for traffic originating from those 2 servers.

Check out http://www.phoneboy.com/fw1/faq/0022.html. By the way, I haven't tried it, so if it doesn't work, you're on your own :-)

-RB

From: Jason Witty <[email protected]>
To: [email protected]
CC: [email protected]
Subject: Re: [FW1] Hiding multiple servers behind 1 IP address
Date: Thu, 05 Oct 2000 12:28:13 -0500
It's called hide-mode NAT in FW-1.  An example NAT rule would look like
this (obviously you need an access rule as well):
ORIGINAL PACKET			NATted PACKET
SOURCE		DEST		SOURCE		DEST
internal-net	ANY		hide-addr	ORIG
Hope this helps.

Jason

Todd Ginther wrote: > > Hello All, > > I haven't seen a FW-1 solution to something that I currently do with another firewall product - that is to be able to advertise a single IP out to the world (firewall external interface) and have the firewall direct inbound Internet traffic to different internal servers based soley on which port the firewall gets hit on. > > Example: > > -Advertised IP address is abc.123.123.1 > > -Traffic hits abc.123.123.1:18000 gets redirected > to an internal server, machine alpha. > > -Traffic hits abc.123.123.1:19500 gets redirected > to a different internal server, machine beta. > > Any ideas? I would prefer not to have to use up a bunch of IP's to do one-to-one NAT. > > Thanks in advance, all! > > Regards, > > -Todd > > _____________________________________________________________ > Want a new web-based email account ? ---> http://www.firstlinux.net > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================
================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================


_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at http://profiles.msn.com.

================================================================================
    To unsubscribe from this mailing list, please see the instructions at
              http://www.checkpoint.com/services/mailing.html
================================================================================

Follow-Ups:
- Re: [FW1] Hiding multiple servers behind 1 IP address
  - From: [email protected] (Carl E. Mankinen)

Prev by Date: RE: [FW1] NAT across a VPN - brain teaser challenge - read carefu lly
Next by Date: [no subject]
Previous by thread: Re: [FW1] Hiding multiple servers behind 1 IP address
Next by thread: Re: [FW1] Hiding multiple servers behind 1 IP address
Index(es):
- Date
- Thread