|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] RE: NAT - Manual or Auto??
I had the same problem with an Auto Nat. One day, it just stopped working so I did a manual NAT (The exact as the Auto NAT) and that fixed the problem. Still unable to figure out why though... Steven -----Original Message----- From: Juppunov, George [mailto:[email protected]] Sent: Thursday, May 31, 2001 12:19 PM To: [email protected] Subject: RE: [FW1] RE: NAT - Manual or Auto?? Dave, have you tried recreating your object. Sometimes that helps. George -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Thursday, May 31, 2001 7:59 AM To: Daniel Wirth Cc: [email protected]; Juppunov, George Subject: RE: [FW1] RE: NAT - Manual or Auto?? Um, sorry Daniel, but you can most certainly put manual NAT rules above the automatic ones. I use a combination of auto and manual rules. The auto rules cover Internet connectivity, and then my manual rules go above the manual rules to handle other cases such as traffic that is going between hosts, through the firewall, but I don't want any translation. With that in mind, I've got an open case with Checkpoint regarding an automatic NAT rule that has stopped working. It's been about two weeks, and they don't have an answer yet. The "fix" for now was to create a manual NAT rule. Dave Grabowski System Arts, Inc.[Easy to remember as 6-Hockey-Hero] [email protected] |--------+----------------------------------------------> | | "Daniel Wirth" | | | <[email protected]> | | | Sent by: | | | [email protected]| | | kpoint.com | | | | | | | | | 05/30/2001 03:03 AM | | | | |--------+----------------------------------------------> >--------------------------------------------------------------------------- --------------------------------| | | | To: "Juppunov, George" <[email protected]>, | | <[email protected]> | | cc: | | Subject: RE: [FW1] RE: NAT - Manual or Auto?? | >--------------------------------------------------------------------------- --------------------------------| HI Check Point Admins, the main advantage for manual NAT is the possiblity to change the orders of your NAT-rules according to your needs. AUto-NAT rules are always positioned at top of your NAT-rulebases and you can't put any rules above. For example, if you hide- NAT an entire Network but you you like to static- NAT one or two devices, you'll have fits until you make it with auto-NAT. If you start doing manual NAT, you'll feel familiar with it soon and realize it isn't more difficult. Auto- NAT is ok for very small environments where you have just one or two NAT-rules at all. Regards, Daniel Wirth Consultant Network Security _____________________________________________________ Daniel Wirth Systemberater Netzwerksicherheit IQproducts GmbH Max-Planck-Str. 5, 80609 Dornach Tel.: ++49 89 944940-0 Fax.: ++49 89 944940-50 eMail: [email protected] http://www.iqproducts.de _____________________________________________________ Bitte beachten Sie fuer Ihre Supportanfragen: Tel.: ++49 89 944940-77 eMail: [email protected] IQproducts ist ein Unternehmen der Systematics AG > -----Original Message----- > From: [email protected] > [mailto:[email protected]]On Behalf Of > Juppunov, George > Sent: Tuesday, May 29, 2001 5:35 PM > To: [email protected] > Subject: [FW1] RE: NAT - Manual or Auto?? > > > > How annoying is when Microsoft Word always capitalizes the first letter > after a period or a new line? > That's how bad auto-rules are? (BTW I still haven't figured out > how to turn > that thuing off). > > George > > > -----Original Message----- > > From: Jean-Pierre Harvey > > [mailto:[email protected]] > > Sent: Sunday, May 27, 2001 4:36 PM > > To: [email protected] > > Subject: NAT - Manual or Auto?? > > > > Hi all, > > > > Over a period of time I have seen several posts claiming that NAT is > > better set up manually in FW-1 rather than using the auto NAT > features. I > > also have not seen anyone defend the auto NATing. So why is > manual NAT so > > much better? Or, why is the automatic NATing not as good? > > > > Regards > > JP > > > ========================================================================== > > ====== > > To unsubscribe from this mailing list, please see the > instructions at > > http://www.checkpoint.com/services/mailing.html > > > ========================================================================== > > ====== > > > > > > > _____________________________________________________________________ > IMPORTANT NOTICES: > This message is intended only for the addressee. Please > notify the > sender by e-mail if you are not the intended recipient. If you are not the > intended recipient, you may not copy, disclose, or distribute this message > or its contents to any other person and any such actions may be unlawful. > > Banc of America Securities LLC("BAS") does not accept time > sensitive, action-oriented messages or transaction orders, > including orders > to purchase or sell securities, via e-mail. > > BAS reserves the right to monitor and review the content of all > messages sent to or from this e-mail address. Messages sent to or > from this > e-mail address may be stored on the BAS e-mail system. > > > > > ================================================================== > ============== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================== > ============== > ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== _____________________________________________________________________ IMPORTANT NOTICES: This message is intended only for the addressee. Please notify the sender by e-mail if you are not the intended recipient. If you are not the intended recipient, you may not copy, disclose, or distribute this message or its contents to any other person and any such actions may be unlawful. Banc of America Securities LLC("BAS") does not accept time sensitive, action-oriented messages or transaction orders, including orders to purchase or sell securities, via e-mail. BAS reserves the right to monitor and review the content of all messages sent to or from this e-mail address. Messages sent to or from this e-mail address may be stored on the BAS e-mail system. ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
