[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] what occurs first NAT or RULEBASE
Title: RE: [FW1] what occurs first NAT or RULEBASE You are in fact
correct Tim. As traffic enters the firewall from the external interface it
is processed in the following order:
Encryption
Anti-spoofing
Rule
base
NAT
Hope this helps, -----Original Message-----
From: Tim Wolfe [mailto:[email protected]] Sent: Wednesday, June 20, 2001 12:40 PM To: 'Shah, Nishith'; 'Jabal P Raval' Cc: '[email protected]' Subject: RE: [FW1] what occurs first NAT or RULEBASE That
seems incorrect to me. I think you may be thinking of NAT before
routing. If NAT occurred before security policy, why would you have a web
server in a DMZ with a private IP NATed to a public IP and allow incoming
requests to the public IP? It seems like you'd have to allow incoming
requests to the private IP to make that work, if CP operates the way you think
it does... Just my .02, I'm not 100% sure.
Thanks,
Always NAT first. A CCSA question. -----Original Message----- in checkpoint firewall-1 4.1, what occurs first, when a packet
comes in, rulebase Thanks/. ================================================================================
|