[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Source + Destination NAT
Hi Rani, Your NAT should include two rules for it. Original packet Translated Packet Source Destination Service Source Destination Service SERVER Any Any External_IP_of_SERVER Original Original Any External_IP_of_SERVER Any Original Server Original The translated source can't logically be your firewall IP address in this case. Hope it will help you. Regards, Chandra -----Original Message----- From: Chouha, Rani [mailto:[email protected]] Sent: Tuesday, May 01, 2001 11:26 AM To: '[email protected]' Subject: [FW1] Source + Destination NAT Hello all, Is there a way to do Source and Destination NAT at the same time using Firewall-1 version 4.1 ? I have an object named SERVER defined to be 192.168.10.1. I did not check the NAT checkbox. I created an object called External_IP_of_SERVER with the external routable IP (and created arp + route on the firewall). I created a NAT rule similar to the following: Source Dest Service ANY External_IP_of_SERVER ANY Internal_IP_of firewall SERVER Original and I am getting the following error when compiling: Invalid <Any> in Source of Address Translation Rule 19. <Any> is valid only if the matching Translated column is <Original>. Can anybody point me to the right direction ? Thank You. Rani _____________________________________________________________________ IMPORTANT NOTICES: This message is intended only for the addressee. Please notify the sender by e-mail if you are not the intended recipient. If you are not the intended recipient, you may not copy, disclose, or distribute this message or its contents to any other person and any such actions may be unlawful. Banc of America Securities LLC("BAS") does not accept time sensitive, action-oriented messages or transaction orders, including orders to purchase or sell securities, via e-mail. BAS reserves the right to monitor and review the content of all messages sent to or from this e-mail address. Messages sent to or from this e-mail address may be stored on the BAS e-mail system. ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|