NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] The problem that we have for long time, pls help-picture and expl aination attached



Hi,

1) ARP. Your ARP entry is correct.

2) NAT Rules.
  You want your 10.10.10.68 Workstation to be seen as 55.55.55.200.
The following will do (static):
Src IP       Dest IP      Serv    Xl Src    Xl Dest
Any          55.55.55.200 Any     Orig      10.10.10.68 (s)
The above means: if a packet arrives with any src ip, a dest ip of
55.55.55.200 to any service, xlate it to its orig src ip, and dest ip
of 10.10.10.68. This rule will be used when any workstation tries to
contact 55.55.55.200.

Src IP       Dest IP     Serv  Xl Src          Xl Dest
10.10.10.68  Any         Any   55.55.55.200(s) orig
This rule will be used for the return packets.

3) Routing.
Routing is done BEFORE NAT. So you should tell your OS that if a packet
 must be routed to 55.55.55.200, it must go through gateway
10.10.10.68.
The following command will do:
route add 55.55.55.200 10.10.10.68 1 (on Solaris... I'm a Unix admin. I
use NT only for GUIs)

With this configuration, it should work.

PS: Please use ASCII art to write your diagram next time, it's quite
time-consuming to have to open word or a .doc viewer to read your
message.

--- "Sim, CT (Chee Tong)" <[email protected]> a écrit : >
Dear all,
> 
> I need to access a WSS server on the DMZ zone using a fake address on
> my
> localnet.  Full explaination and picture are shown in the attachment
> below.
> Picture is simple, pls take a look and help me.
> 
> Thank you very much
> Tong
>  


___________________________________________________________
Do You Yahoo!? -- Pour dialoguer en direct avec vos amis, 
Yahoo! Messenger : http://fr.messenger.yahoo.com


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.