NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Question on ip forwarding



In general -- under version 4.1 -- you could either create automatic rules
or manually create your NAT rules.  I am not familiar with NG, but I believe
the basics are the same as below with a few automatic options.

automoatic NAT
===========
1. create a workstation object.
2. use the actual ip under the first tab.
3. click on NAT tab
4. put checkmark in "create automatic translation"
5. select STATIC
6. put external IP address (the one not actually on the box).
7. add a PROXY ARP MAC address using the external MAC for the external ip
address.

manual NAT
=========
1. create a workstation object with the external ip address.
2. create a workstation object with the internal ip address
3. click on "network address translation tab"
4. add two rules (if there are other rules already there, make sure there is
not logic conflict).
5. for rule one, put external ip workstation object in original destination.
6. for rule one, put internal ip workstation object in translated
destination.
7. for rule two, put internal ip workstation object in original source.
8. for rule two, put external ip workstation object in translated source.
9. add a PROXY ARP MAC address using the external MAC for the external ip
address.

If you did not do the above, what steps did you do to NAT the external IP?

Bill
----- Original Message -----
From: "Conrad Ng" <[email protected]>
To: <[email protected]>
Sent: Tuesday, June 18, 2002 8:59 PM
Subject: [FW-1] Question on ip forwarding


> Dear all
>
> I have got an external ip need to forward to an internal ip under
Checkpoint
> Firewall-1. Actually I have already added the rules in the Naming
> Translation tab. However, I donno why I still can't access to the
> destination using the external ip. Is there any order that I need to
follow?
> Am I missed anything except from adding the rules into the firewall? I
> really hope someone can help me as I am really a newbie to this
application.
> Thanks a lot!!!
>
> Conrad Ng
>
>
> ______________________________________________________
>
> Scott Wilson Ltd celebrates its new name during its 50th year in Hong
Kong!
>
> This e-mail and any attachments to it are intended only for the party to
> whom they are addressed. They may contain privileged and/or confidential
> information. If you have received this transmission in error please notify
> the sender immediately and delete any digital copies and destroy any paper
> copies. Thank you.
>
> Scott Wilson accepts no contractual liabilities or commitments arising
from
> this e-mail unless subsequently confirmed by fax or letter or as an e-mail
> attachment giving company name, address, registration number and
authorized
> signatory.
> ______________________________________________________
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.