| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] NAT issue
- To: [email protected]
- Subject: Re: [FW-1] NAT issue
- From: Andrew Loh <[email protected]>
- Date: Fri, 14 Dec 2001 02:18:46 +0800
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcGEAMcn8SAjd5AQTC68RevfYgj8mgAAT/RQ
- Thread-topic: [FW-1] NAT issue
I think you need to check up the log whether nated internal lan are
translated when connecting to dmz.
Try manually add a NAT rule the top.
Original Translated
Dmz-net internal-net any original original original
Internal-net Dmz-net any original original original
Andrew.
-----Original Message-----
From: The UNIX Mighty! [mailto:[email protected]]
Sent: Friday, December 14, 2001 12:52 AM
To: [email protected]
Subject: [FW-1] NAT issue
hey folks,
whenever I connect to any dmz-ip which are nated from internal lan, the
connection is really slow. NON nated ip are rocket fast.
any suggestions? below is the info on the firewall setup
Thanks
-Bikesh-
[email protected]
os: solaris
fw: VPN-1(TM) & FireWall-1(R) Version 4.1 Build 41510 [VPN + DES +
STRONG]
my current fw config is 3 interface: exteral, dmz, internal
my rules are as follows
1) dmz-net internal-net any accept
2) internal-net dmz-net any accept
3) internal-net any http accept
4) dmz-net any any accept
5) any dmz-ip-1 http accept
any dmz-ip-2 http accept
6) any any any drop
nat rules are as follows
hostname dmz-ip outside-ip
dmz-ip1 172.16.1.1 <outside-ip-1> static
dmz-ip2 172.16.1.2 <outside-ip-2> static
dmz-net 172.16.1.0 <firewall-ip> hide
internal-inet 172.18.1.0 <firewall-ip> hide
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
If you have any questions on how to change your
subscription options, email Ron Alcatraz at: [email protected]
=================================================
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
If you have any questions on how to change your
subscription options, email Ron Alcatraz at:
[email protected]
=================================================
|
|
