| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] Checkpoint NG, NAT & Routing
- To: [email protected]
- Subject: Re: [FW-1] Checkpoint NG, NAT & Routing
- From: Hal Dorsman <[email protected]>
- Date: Tue, 19 Feb 2002 08:29:47 -0700
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcG5WLqpEsxVbpJ9QIC4fCmOmTF5bQAASskA
- Thread-topic: [FW-1] Checkpoint NG, NAT & Routing
The easiest workaround is to use the local private IP
to identify the web server. You can do this is Solaris
by putting files before dns in nsswitch.conf and putting
the name/private IP in /etc/hosts.
Hal
> -----Original Message-----
> From: Andrea Paparelli [mailto:[email protected]]
> Sent: Tuesday, February 19, 2002 7:41 AM
> To: [email protected]
> Subject: [FW-1] Checkpoint NG, NAT & Routing
>
>
> Hi all.
> I've a problem with a web server and NAT.
>
> - Multihomed Solaris 7 Checkpoint NG, one network attached to a NIC
> needs
> to go to Internet.No problem at all, set up a "hide" NAT and
> everything
> goes
> ok. The problem comes up when this network wants to see a
> particular web
> server.
> The public address of the web site is "outside" the firewall and point
> to a load balancer
> that redirects requests back to the firewall and towards another NIC
> where the balanced servers
> reside.The webservers are NAT'ed by the firewall himself so
> the request
> gets dropped by the
> antispoofing feature. If the client request the single web server it
> works, if it points to the "real" web server it won't.Is there any
> solution to bypass this problem?
>
> Regards
> Andrea
>
> ==========================================
> Andrea Paparelli
> Senior System Administrator
>
> E-mail: [email protected]
> www.integra-europe.it www.genuity.com
>
> Integra is now part of Genuity
> Integra / Genuity
> Via Muzio Attendolo 4
> I-20141 Milano Italy
> Tel.: +39 02 45444.1
> Fax.: +39 02 45444.300
> ==========================================
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
|
|
