[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] what occurs first NAT or RULEBASE
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > -----Original Message----- > From: Juppunov, George [mailto:[email protected]] > Sent: Thursday, June 21, 2001 8:50 PM > > I think when you use automatic address translation it would > do the address > translation > before making the routing decision because the NAT > information is contained > in the > object properties i.e. with the security rules. Nope. I have a habit of creating two objects for natted machines, one with the internal IP address and one with the external IP address. (I use these in groups for anti-spoofing). The rules base contains Any/Ext-IP/Service/accept, and my rules work flawlessly (eitherbound). NAT always occurs before the packets hops on the wire... Regards, Frank -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.8 Comment: PGP or S/MIME encrypted email preferred. iQA/AwUBOzPei5ytSsEygtEFEQLwpgCaAshPXtaQSTjEpscKkXhFzCdKyF4AoLM0 SGumx0jz8ABnbTeQo+JkmdTo =fggI -----END PGP SIGNATURE----- ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|