NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Accessing Servers via Public IPs from Private Network



You need to add a line at the top of your Nat tables to read the following.

                        Orginal Pactket                                         Destination Packet


Source          Destination             service         Source          Destination             Service

DMZ_Net         Server Public IP  Choose one            Firewall                Server Private ip               =orginal
NON-Routable

Just have 2 objects for your server one with the public IP and one with the
private IP and set it up as i have showed you.
Make sure you add this rule above all other transulation rules that include
any of these objects.

Good Luck
Shane Hambleton
CCSA-CCSE-CCSI



-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of
[email protected]
Sent: Wednesday, October 17, 2001 1:30 PM
To: [email protected]
Subject: [FW-1] Accessing Servers via Public IPs from Private Network


Can someone tell me if the following is possible with
Checkpoint 4.1?

I'm setting up a DMZ (ie. a NATted Private network)
which will have both servers and workstations, say
using the IP network 192.168.1.0/24.

Some of the servers that I'm setting up within the
private network will be accessible from the Internet
via Public IPs. This requires a public DNS server to
distribute the public IP.  For this example say the
public IP of the server is 11.11.11.11 and the private
IP of the server is 192.168.1.11.

I've got this setup and working.  When I access
www.test.com (11.11.11.11) I get the server within the
private network.

My question is, can the workstations within the
private network also access the same server via the
public IP?

I cannot seem to access the server using the public IP
from a workstation within the same network.  If I use
the private IP (192.168.1.11) of the server everything
works fine.

Is there a way to configure Checkpoint to allow that
or am I forced to setup a DNS server within the
private network and distribute the private IP when
accessing www.test.com?

Thanks.
X

__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.