NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

re: [FW1] what occurs first NAT or RULEBASE



Yes....
Please reference CD 4.1.2  Secadmin.pdf
Page 479
Advanced Topics
Address Translation and Anti-Spoofing
......
Address Translation takes place as follows:
-for a packet going from the client (the initiator of the connection) to the
server, just before the packet leaves the interface closest to the server
-for a packet going from the server to the client, just after the packet
enters the interface closest to the server

There are diagrams in the pdf that do a better job of expaining where
anti-spoofing/rules/NAT occurs that one can tell in words.

General rule of thumb:
NAT ALWAYS happens @ the interface closest to the "server", in a client
server model/

Of course, in Next Generation (5.0) it's different.
Jon

Date: Mon, 18 Jun 2001 16:53:23 -0400
From: Jabal P Raval <[email protected]>
Subject: [FW1] what occurs first NAT or RULEBASE

in checkpoint firewall-1 4.1, what occurs first, when a packet comes in,
rulebase
checking or address translation?

Thanks/.



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.