[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] NAT and "too many internal hosts"
Hi list, we have a problem with the increase of internal hosts and NAT. Situation: Firewall box with 25 user license. 10 internal hosts (PC´s and servers): One internal server (email) is natted to an official ip address, so that it is reachable from the internet. All works fine, but... if someone from the internet connect the email server via the natted official ip address, the internal host counter on the firewall will be increased !!!! (note: we licensed the external interface directed to the internet!) This is clear because for FW 4.1 is the rule P-R-N: policy, routing (with the external source ip address) and THEN NAT) this means all the external official source ip addresses will be seen on my INTERNAL interface and the counter will be increased. So we got "too many internal hosts" messages. My question: is there a trick to avoid this (please no upgrade to NG ;-) ) and will be something else happen, if we ignore this message e.g. that the firewall will stop working, if we not clear the counter ? TIA Michael > ---------- > Von: Bradley Jayanath[SMTP:[email protected]] > Antwort an: Mailing list for discussion of Firewall-1 > Gesendet: Monday, February 11, 2002 8:50 AM > An: [email protected] > Betreff: [FW-1] FW-1 vs PIX > > My Company is presently mulling over the idea of changing from FW1 to PIX. > Has anybody made this change? If so , why and were there any benefits? > We also use Viruswall as a CVP server with FW1.Has anybody had real life > experiences getting this to work with a PIX? > > > TIA > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|