[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] re: [FW1] what occurs first NAT or RULEBASE
Yes.... Please reference CD 4.1.2 Secadmin.pdf Page 479 Advanced Topics Address Translation and Anti-Spoofing ...... Address Translation takes place as follows: -for a packet going from the client (the initiator of the connection) to the server, just before the packet leaves the interface closest to the server -for a packet going from the server to the client, just after the packet enters the interface closest to the server There are diagrams in the pdf that do a better job of expaining where anti-spoofing/rules/NAT occurs that one can tell in words. General rule of thumb: NAT ALWAYS happens @ the interface closest to the "server", in a client server model/ Of course, in Next Generation (5.0) it's different. Jon Date: Mon, 18 Jun 2001 16:53:23 -0400 From: Jabal P Raval <[email protected]> Subject: [FW1] what occurs first NAT or RULEBASE in checkpoint firewall-1 4.1, what occurs first, when a packet comes in, rulebase checking or address translation? Thanks/. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|