[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] When are addresses translated with Hide NAT?
The idea that the addresses are translated only when leaving the external interface is incorrect. Most likely your NAT rule is Internal_Nets ANY translate to Hide_Address. Your DMZ is falling under the ANY category. Just add a rule above that NAT rule saying Internal_Nets DMZ Original Original. You probably also need the reverse, DMZ-Internal_Nets Orig Orig. -----Original Message----- From: Kinsey, Brian A. [mailto:[email protected]] Sent: Wednesday, March 28, 2001 4:07 PM To: '[email protected]' Subject: [FW1] When are addresses translated with Hide NAT? I am using Hide NAT to allow my Internal network access to the Internet through my External (registered) Interface of my firewall. I was under the impression that addresses would be translated to the Hide address as the packets pass through the external (registered) interface. I have now seen on servers in two different DMZs where it says the source IP was the address I have set up as the Hide address when the packet originated from my internal network. Is this normal behavior? Are the addresses translated when they enter the firewall and not when the exit a certain interface? My setup us FW-1 4.1 SP3 on Win NT 4.0 SP5. TIA ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|