[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] RE: NAT - Manual or Auto??
Well, didn't want to start a flame war on the topic. I agree that auto NAT is the right choice in very small environments. But i can think of many occasion where simple automatic static NAT rule are not sufficient, not even for a SMTP-Server. I'll retire from this thread now. Best Regards, Daniel Wirth Consultant Network Security _____________________________________________________ Daniel Wirth Systemberater Netzwerksicherheit IQproducts GmbH Max-Planck-Str. 5, 80609 Dornach Tel.: ++49 89 944940-0 Fax.: ++49 89 944940-50 eMail: [email protected] http://www.iqproducts.de _____________________________________________________ Bitte beachten Sie fuer Ihre Supportanfragen: Tel.: ++49 89 944940-77 eMail: [email protected] IQproducts ist ein Unternehmen der Systematics AG > -----Original Message----- > From: Steven Zimmerman [mailto:[email protected]] > Sent: Thursday, May 31, 2001 12:06 AM > To: 'Daniel Wirth'; Juppunov, George; > [email protected] > Subject: RE: [FW1] RE: NAT - Manual or Auto?? > > > What happened to adding a new rule at the top of the Auto NAT rules? I do > it all the time. There are times that auto NAT is OK to use and there are > other times that you MUST use manual NAT. I think that they can > and should > be used in conjunction if needed. Why do a manual NAT for an SMTP server > for example? > > Steven > > > -----Original Message----- > From: Daniel Wirth [mailto:[email protected]] > Sent: Wednesday, May 30, 2001 3:03 AM > To: Juppunov, George; [email protected] > Subject: RE: [FW1] RE: NAT - Manual or Auto?? > > > HI Check Point Admins, > > the main advantage for manual NAT is the possiblity to change the > orders of > your NAT-rules according to your needs. AUto-NAT rules are always > positioned > at top of your NAT-rulebases and you can't put any rules above. > For example, > if you hide- NAT an entire Network but you you like to static- NAT one or > two devices, you'll have fits until you make it with auto-NAT. If > you start > doing manual NAT, you'll feel familiar with it soon and realize it isn't > more difficult. > > Auto- NAT is ok for very small environments where you have just one or two > NAT-rules at all. > > Regards, > Daniel Wirth > Consultant Network Security > _____________________________________________________ > Daniel Wirth Systemberater Netzwerksicherheit > IQproducts GmbH Max-Planck-Str. 5, 80609 Dornach > Tel.: ++49 89 944940-0 Fax.: ++49 89 944940-50 > eMail: [email protected] http://www.iqproducts.de > _____________________________________________________ > Bitte beachten Sie fuer Ihre Supportanfragen: > Tel.: ++49 89 944940-77 eMail: [email protected] > > IQproducts ist ein Unternehmen der Systematics AG > > > -----Original Message----- > > From: [email protected] > > [mailto:[email protected]]On Behalf Of > > Juppunov, George > > Sent: Tuesday, May 29, 2001 5:35 PM > > To: [email protected] > > Subject: [FW1] RE: NAT - Manual or Auto?? > > > > > > > > How annoying is when Microsoft Word always capitalizes the first letter > > after a period or a new line? > > That's how bad auto-rules are? (BTW I still haven't figured out > > how to turn > > that thuing off). > > > > George > > > > > -----Original Message----- > > > From: Jean-Pierre Harvey > > > [mailto:[email protected]] > > > Sent: Sunday, May 27, 2001 4:36 PM > > > To: [email protected] > > > Subject: NAT - Manual or Auto?? > > > > > > Hi all, > > > > > > Over a period of time I have seen several posts claiming that NAT is > > > better set up manually in FW-1 rather than using the auto NAT > > features. I > > > also have not seen anyone defend the auto NATing. So why is > > manual NAT so > > > much better? Or, why is the automatic NATing not as good? > > > > > > Regards > > > JP > > > > > > ========================================================================== > > > ====== > > > To unsubscribe from this mailing list, please see the > > instructions at > > > http://www.checkpoint.com/services/mailing.html > > > > > > ========================================================================== > > > ====== > > > > > > > > > > > _____________________________________________________________________ > > IMPORTANT NOTICES: > > This message is intended only for the addressee. Please > > notify the > > sender by e-mail if you are not the intended recipient. If you > are not the > > intended recipient, you may not copy, disclose, or distribute > this message > > or its contents to any other person and any such actions may be > unlawful. > > > > Banc of America Securities LLC("BAS") does not accept time > > sensitive, action-oriented messages or transaction orders, > > including orders > > to purchase or sell securities, via e-mail. > > > > BAS reserves the right to monitor and review the content of all > > messages sent to or from this e-mail address. Messages sent to or > > from this > > e-mail address may be stored on the BAS e-mail system. > > > > > > > > > > ================================================================== > > ============== > > To unsubscribe from this mailing list, please see the > instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================================== > > ============== > > > > > > ================================================================== > ========== > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================== > ========== > ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|