[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] single static IP for NAT
this is the way to do nat, so nothing crude about it... -from external router, route legal ip's to the fw's outside -create the object on the fw, define the legal and illegal addresses -add a route on the fw: route add <legal ip> <illegal ip> corne > -----Original Message----- > From: [email protected] > [mailto:[email protected]]On > Behalf Of Dan > Guinn > Sent: Thursday, February 15, 2001 7:03 PM > To: Fw-1-Mailinglist > Subject: RE: [FW1] single static IP for NAT > > > > I have had the same problems as well... > > as a work-around, I put a static route in on my router to the > firewall for > the addresses to be natted, and a static route on the > firewall routing the > external statics to the appropriate internal address. Kinda > crude, but it > works. > > Dan Guinn > NetStar Communications > > -----Original Message----- > From: Michael Wozniak [mailto:[email protected]] > Sent: Thursday, February 15, 2001 11:21 AM > To: Fw-1-Mailinglist > Subject: RE: [FW1] single static IP for NAT > > > > > Kai, I assume by your .sig, you are running FW-1 on Linux. I > am having > the same problem and Checkpoint has been unable to help me so > far (I have > 9 10/100 interfaces and various reserved and non-reserved subnets with > assorted types of NAT in all directions but I can't even get > Static NAT > to work with just 2 interfaces.) I am attempting in install > on NT as an > interim measure. > > Can anyone suggest a configuration of Linux that FW-1 works with? > > Mike > > > -----Original Message----- > > From: [email protected] > > [mailto:[email protected]]On > Behalf Of Kai > > Kretschmann > > Sent: Thursday, February 15, 2001 00:26 > > To: [email protected] > > Subject: [FW1] single static IP for NAT > > > > > > > > Once more and more detailed question: > > I reduced my rules to the bare nedded once. I have a rule for > > incoming http > > which I permit to a internal host which has a private IP. > > > > It is static NATed to the firewalls external interface. I > can see the > > accepted packets in the log and they even get translated > from the old > > destination (the firewall) to the new one (the internal > host). I can see > > via snoop on the external i/f the incoming request but I don't > > see anything > > going out of the firewall again via snoop on the internal device. > > > > Is there anything I missed with routing, arp etc? I don't > think it should > > be needed, as the two interfaces on the firewall are well known > > to solaris, > > the servers can be pinged happily. > > > > I really need a detailed example of a working very simple net, > > one real IP, > > a private local net and one service (http) allowed to come in. > > Please, :-) > > > > > > -- > > "The software said it requires Windows 95 or better, so I > installed Linux" > > > > M.I.T newmedia Tel. 06172-7100-139 > > Am Zollstock 1 FAX 06172-7100-10 > > D- 61381 Friedrichsdorf > > > > > > > > ================================================================== > > ============== > > To unsubscribe from this mailing list, please see the > instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================================== > > ============== > > > > ============================================================== > ============== > ==== > To unsubscribe from this mailing list, please see the > instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ============== > ==== > > > ============================================================== > ================== > To unsubscribe from this mailing list, please see the > instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ================== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|