Re: [FW-1] NAT:FW as a proxy?

[Beatriz Tapia López <btl@FW1-NOSPAMTID.ES>]

Thanks Jesus,

 

I think I didn't explain it correctly. What I would like to do is that people from one of my networks can connect to the firewall through 8010 port and really get connected to another host (in the net protected by firewall) through http.

 

Best regards,

 

Beatriz

----- Original Message -----

From: Jesus Calvo Hernandez

To: FW-1-MAILINGLIST@beethoven.us.checkpoint.com

Sent: Monday, March 04, 2002 1:58 PM

Subject: Re: [FW-1] NAT:FW as a proxy?

Hi

You´re not translating host 1 internal ip address, so you won´t get to the
internet if that is what you intend

I suppose 8010 port is the tcp port in which your proxy server is running;
you do not need it at all in this scenario; what you must do
is create an object with an external routable internet address in the range
of the ones hired to your isp (let´s call it mycompanynat) and map
every internal address to that ip:


source              destination      service
       source                    destination                  service

host
1               internet           http
mycompanynat                =original                    =original



hope this helps

best regards

At 13:24 04/03/2002 +0100, yo
>Hi,
>
>I would like to use my firewall as a proxy for some connections. Is this
>possible?
>I tried it using NAT. I wrote a rule like this:
>
>Original Packet                                Translated Packet
>--------------------------------------------------------------------------------------------------
>Source    Destination    Service           Source    Destination    Service
>Host1      firewall          8010 port        Host1     Host2            http
>
>It doesn't work. How may I do it?
>
>Thanks very much,
>
>Beatriz

Jesus Calvo
SchlumbergerSema Spain
Albarracin 25
28037-Madrid

------------------------------------------------------------------
This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author and do not necessarily represent those of SchlumbergerSema.
If you are not the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited.
------------------------------------------------------------------

---

Hi

You´re not translating host 1 internal ip address, so you won´t get to the internet if that is what you intend

I suppose 8010 port is the tcp port in which your proxy server is running; you do not need it at all in this scenario; what you must do
is create an object with an external routable internet address in the range of the ones hired to your isp (let´s call it mycompanynat) and map
every internal address to that ip:


source              destination      service                                      source                    destination                  service

host 1               internet           http                                   mycompanynat                =original                    =original



hope this helps

best regards

At 13:24 04/03/2002 +0100, yo

Hi,
 
I would like to use my firewall as a proxy for some connections. Is this possible?
I tried it using NAT. I wrote a rule like this:
 
Original Packet                                Translated Packet
--------------------------------------------------------------------------------------------------
Source    Destination    Service           Source    Destination    Service
Host1      firewall          8010 port        Host1     Host2            http
 
It doesn't work. How may I do it?
 
Thanks very much,
 
Beatriz

Jesus Calvo     
SchlumbergerSema Spain
Albarracin 25
28037-Madrid