[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] gfb: NG NAT question
Hi there, Apologies for not reading through all the mailing list postings (I'm sure I'd have find the answer then without bugging u), but it's 10pm UK time and I've gotta have a firewall rolled out and I'm knackered! Can someone confirm with me that, if I have: 1)'Translate destination on client side' & 'Automatic arp Configuration' checked in Global properties 2) When using hide or static nat, I use 'Add Automatic Translation Rules' then: 1) The arp cache will not need to manually be updated with entries where the fw's external nic's mac address is mapped to additional valid ip hide or static entries 2) a route will not have to be added to the fw's routing table which routes the valid static or hide nat address to the correct internal host/s Maybe I'm misreading the Checkpoint Firewall-1 Guide, but use of Automatic Arp config & Translation Rules as well as client side translation should mean no manual arp entries or additional routing entries for NAT, right? Whatever the case, NAT is working fine for me if I hide behind the fw's valid IP, but not if I assign a hide NAT to another valid ip. Please help! Kind Regards, Gabriel _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|