[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Benefit of HIDE NAT Behind Non-Interface IP?
It also enables you to use private addresses on the link between you and your ISP. Thus, traffic cannot be routed from the internet, to your firewall directly (assuming that on all internal interfacs, you also have private addresses) Since we have no services using static NAT on our firewall, only hide NAT for outgoing traffic, there is no public address that can be used to access a specific host on the network. At least, that's the theory... whether it holds up.. well.. I guess I'll learn that the hard way one day. :=) Cheers, Anders :=) -----Original Message----- From: Michel Toussaint [mailto:[email protected]] Sent: 9. mai 2001 20:21 To: 'Goetz, Jarrett'; [email protected] <mailto:[email protected]> Subject: RE: [FW1] Benefit of HIDE NAT Behind Non-Interface IP? It's a good habit if you can do it. This is done in order not to advertise the IP of your Firewall. Cheers, MTo -----Original Message----- From: Goetz, Jarrett [mailto:[email protected]] Sent: Wednesday, May 09, 2001 1:41 AM To: [email protected] Subject: [FW1] Benefit of HIDE NAT Behind Non-Interface IP? How would all of you rate the degree of the benefit of making your public NAT HIDE address that not of the firewall's external interface, but of another IP, only used for that particular purpose? Thanks in advance. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|