Search
	display results
words begin exact words any words part
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] RE: NAT - Manual or Auto??

To: [email protected]
Subject: RE: [FW1] RE: NAT - Manual or Auto??
From: "Juppunov, George" <[email protected]>
Date: Wed, 30 May 2001 09:05:00 -0700
Sender: [email protected]
Very true.

Another problem I've encountered with Auto-NAT is that sometimes 
you only want to NAT for specific oubound connections, rather then all of
them.

Auto-NAT would not give you the granularity and flexubility to setup a
connection
where you want to NAT your admin station for ssh out to the world but not
NAt for 
let's say not telnet to the DMZ etc.

George

-----Original Message-----
From: Daniel Wirth [mailto:[email protected]]
Sent: Wednesday, May 30, 2001 12:03 AM
To: Juppunov, George; [email protected]
Subject: RE: [FW1] RE: NAT - Manual or Auto??



HI Check Point Admins,

the main advantage for manual NAT is the possiblity to change the orders of
your NAT-rules according to your needs. AUto-NAT rules are always positioned
at top of your NAT-rulebases and you can't put any rules above. For example,
if you hide- NAT an entire Network but you you like to static- NAT one or
two devices, you'll have fits until you make it with auto-NAT. If you start
doing manual NAT, you'll feel familiar with it soon and realize it isn't
more difficult.

Auto- NAT is ok for very small environments where you have just one or two
NAT-rules at all.

Regards,
Daniel Wirth
Consultant Network Security
_____________________________________________________
Daniel Wirth         Systemberater Netzwerksicherheit
IQproducts GmbH      Max-Planck-Str. 5, 80609 Dornach
Tel.: ++49 89 944940-0        Fax.: ++49 89 944940-50
eMail: [email protected]  http://www.iqproducts.de
_____________________________________________________
Bitte beachten Sie fuer Ihre Supportanfragen:
Tel.: ++49 89 944940-77  eMail: [email protected]

IQproducts ist ein Unternehmen der Systematics AG

> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]]On Behalf Of
> Juppunov, George
> Sent: Tuesday, May 29, 2001 5:35 PM
> To: [email protected]
> Subject: [FW1] RE: NAT - Manual or Auto??
>
>
>
> How annoying is when Microsoft Word always capitalizes the first letter
> after a period or a new line?
> That's how bad auto-rules are? (BTW I still haven't figured out
> how to turn
> that thuing off).
>
> George
>
> >  -----Original Message-----
> > From: 	Jean-Pierre Harvey
> > [mailto:[email protected]]
> > Sent:	Sunday, May 27, 2001 4:36 PM
> > To:	[email protected]
> > Subject:	NAT - Manual or Auto??
> >
> > Hi all,
> >
> > Over a period of time I have seen several posts claiming that NAT is
> > better set up manually in FW-1 rather than using the auto NAT
> features. I
> > also have not seen anyone defend the auto NATing. So why is
> manual NAT so
> > much better? Or, why is the automatic NATing not as good?
> >
> > Regards
> > JP
> >
> ==========================================================================
> > ======
> >      To unsubscribe from this mailing list, please see the
> instructions at
> >                http://www.checkpoint.com/services/mailing.html
> >
> ==========================================================================
> > ======
> >
> >
> >
> _____________________________________________________________________
> IMPORTANT NOTICES:
>           This message is intended only for the addressee. Please
> notify the
> sender by e-mail if you are not the intended recipient. If you are not the
> intended recipient, you may not copy, disclose, or distribute this message
> or its contents to any other person and any such actions may be unlawful.
>
>          Banc of America Securities LLC("BAS") does not accept time
> sensitive, action-oriented messages or transaction orders,
> including orders
> to purchase or sell securities, via e-mail.
>
>          BAS reserves the right to monitor and review the content of all
> messages sent to or from this e-mail address. Messages sent to or
> from this
> e-mail address may be stored on the BAS e-mail system.
>
>
>
>
> ==================================================================
> ==============
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==================================================================
> ==============
>



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


_____________________________________________________________________ 
IMPORTANT NOTICES: 
          This message is intended only for the addressee. Please notify the
sender by e-mail if you are not the intended recipient. If you are not the
intended recipient, you may not copy, disclose, or distribute this message
or its contents to any other person and any such actions may be unlawful.

         Banc of America Securities LLC("BAS") does not accept time
sensitive, action-oriented messages or transaction orders, including orders
to purchase or sell securities, via e-mail.

         BAS reserves the right to monitor and review the content of all
messages sent to or from this e-mail address. Messages sent to or from this
e-mail address may be stored on the BAS e-mail system.




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
Prev by Date: [FW1] Meaning of ahttpd log entry
Next by Date: RE: [FW1] Licensing
Previous by thread: RE: [FW1] RE: NAT - Manual or Auto??
Next by thread: RE: [FW1] RE: NAT - Manual or Auto??
Index(es):
- Date
- Thread