[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Nat Confusion
maybe late, sorry, but 1) In NAT tab on workstation object set to static and 208.222.222.2 2) In ARP (presuming NT) %windir%\FW1\4.1\state\local.arp set IP address of public address to MAC of FW public interface 3) Set rule in Policy Editor allowing traffic to/from NATted object 4) Set static route (presuming NT) route add -p 208.222.222.2 mask 255.255.255.255 192.168.10.1 (presuming .1 is firewall private) Erik Goldoff Systems Manager The HoneyBaked Ham [email protected] -----Original Message----- From: Rodrick Brown [mailto:[email protected]] Sent: Wednesday, October 11, 2000 8:05 PM To: [email protected] Subject: [FW1] Nat Confusion When setting up NAT on cpfw 4.1 say I define my machine web1 with an internal ip of 192.168.10.2 and web1-external ip of 208.222.222.2 how does my system know to route 208.222.222.2 to 192.168.10.1 ?? this is what is confusing me I followed the directions on phoneboy.com examples but im kind of lost here, for this kind of setup do I need to aliases 208.222.222.2 to my Firewall machine ?? Sorry for the confusion. Im trying to accomplish this: www.foobar.com is my webserver its real ip on hme0 is 192.168.10.2 How can I setup checkpoint to say if some one request a service on 208.222.222.2 it routes the packet internally to 192.168.10.2 Im also having problems when I install my rule my firewall is unable to communicate to the outside world what could be cuasing this i added the following rule to my security policy but it doesnt seem to work as one would think. src | des | ser | action | track firew any any accept long ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|