[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] : Nat Issue
Title: RE: [FW1] : Nat Issue
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Not sure if I fully understand, but it appears that you may be able
to solve the problem by putting a NAT rule above your hide (internet
access) rule like this:
Original Packet:
Source: (intranets)
Destination: (intranets)
Service: Any
Translated Packet:
Source: original
Destination: original
Service: original
Then put you internet NAT rule below that. This will ensure that
your firewall will only apply the NAT rule if the packets are truly
not bound for any of your intranets.
If this isn't the issue (i.e. I've missed the point), please repost
with further information.
HTH
Dan Hitchcock
CCNA, CCSE, MCSE
Security Analyst
Breakwater Security Associates
[email protected]
http://www.breakwatersecurity.com
- -----Original Message-----
From: Rizzi, Timothy [mailto:[email protected]]
Sent: Thursday, February 22, 2001 2:45 PM
To: [email protected]
Subject: [FW1] : Nat Issue
Greetings all,
Have CPFW1 4.1 running on NT 4. Firewall has 4 legs. One leg is to
the Internet the others to intranets. Have object that has hidden
nat rule for Internet Access. When Nat rule is applied can surf the
internet from that host, can ping other intranet devices, but can't
authenticate nor map drives. Any Any rules are applied. When I take
the NAT rule off, leave Any Any rules intact can map drives,
authenticate to PDCs, but then cannot surf the net.
Need to do both.
Any advice will be appreciated. Thank you in advance.
- -Tim
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBOpWuiHc+WUForszMEQIlcgCfeqPRVGA2jA8SDfZeFdiPHL2HahMAoOkY
8IRUv0wlFNDz7QlJ6JzTjIyv
=nkYp
-----END PGP SIGNATURE-----