[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] DMZ and NAT setup
I have been reading that the DMZ should be using legal IP numbers from our provider as opposed to Hidden NAT with a static NAT assigned to it. This is how it was originally set up, then we re-did it because I was having problems assigning static NAT to other machines that were internal. I figured it was some sort of subnetting problem... So what is the best way to do the subnets of the router/firewall connection (I believe that would be ..xxx.1, and xxx.xxx.xxx.2) then the DMZ (maybe 10 or so IP numbers) and have the rest available to NAT to other internal machines if needed? Also once this is set up, what is the best way to set up the anti IP spoofing part...using internal/external and other. Please pardon what might seem like a simple questions but I am taking this over from having it set up TWICE by outside vendors and still not set up correctly. The rule base works very well (I have refined that myself) but I am in a situation where I need to add servers to the DMZ and they MUST have legal IP numbers, not NAT. (QuickTime streaming problem with Hidden NAT on INCOMMING connections). -Mike ----------------------------------- Michael Perbix - Network Hardware Technician Lower Merion School District Technology & Information Services VoiceFaxEmail: [email protected] ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|