[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Anti-spoofing
Everyone, I currently have the following setup. FW1 4.1 Sp3 with 3 interfaces External 216.X.X.X /28 DMZ - 172.16.X.X /16 Internal 192.168.25.0 /24 On the firewall, the internal interface is connected directly to a cisco 3640 router with the IP address of 192.168.25.10 The other ethernet interface of that router is 192.168.10.X /24. This is the network where all users/pc are located In addition, on the 192.168.10.X network, there is an smtp server that is accessed from the outside(Dont worry, im moving it to the DMZ, one thing at a time! ) Firewall IP's: outside - 216.X.X.X DMZ - 172.16.1.1 Inside 192.168.25.1 Router - Outside Interface- 192.168.25.10 Inside Interface - 192.168.10.1 /24 SMTP server - 192.168.10.10 - Static NAT 216.X.X.X My questions is, how do I setup antispoofing for the internal interface? The other interfaces will be others(outside) and this net(DMZ). Im thinking internal should be specific with the 192.168.10.X network and the 192.168.25.X network and the valid outside address of the SMTP server. is this correct? Any help would be appreciated. Thanks Brian ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|