[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Unwanted NAT to DMZ from Internal
--- John Qian <[email protected]> wrote: > Hi all, > I'm using NAT from Internal network 10.10.0.0 to > External network 207.x.x.0 (Hide & Static). Now I > try to use DMZ 198.x.x.0 which has public ip > addresses. My plan is not to NAT bet. DMZ & > External, No NAT bet. Internal & DMZ, just keep > existing NAT bet. Internal & External. > I noticed my traffic from Internal to DMZ is > translated to Hide ip address ( 207.x.x.x) before it > reach DMZ host. > Is my plan ok ? > How can I make sure traffic Bet. Internal & DMZ go > straight without NAT ? > Anyone has sample rule config ? > > Thanks > John Qian > You have to make a NAT rule bet. Internal & DMZ that don't change the ip addresses. It should looks like that: Original Packet Source = Internal Destination = DMZ Protocol = Any Translated Packet Source = Original Destination = Original Protocolo = Original So all the traffic bet Internal & DMZ should use this NAT rule (that doesn't NAT). The traffic bet Internal & External will continue using the other NAT rule that you have. Best regards Key Chavez __________________________________________________ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|