[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Hide nat using public IP...

Hi Chris,
it depends on the configuration of the Check Point.
- Hiding behind the external NIC of the Firewall is as well possible as
hiding behind a dedicated IP for NAT.
- This hiding IP can also be bound to a dynamic IP-address (e.g.
Firewall with Dial-In) in Next Generation.
- There is no restriction to 1 hiding IP for 1 Network. So you can NAT
very many networks to only 1 IP. The first point is still valid, also
for this.
Hope it helps,
best regards,
Matthias
http://www.fw-1.de

Chris Covington wrote:
> I was just curious... Other firewalls I've worked with have only their
> public IP as both the IP of the device and of the "hide NAT."  Does
> checkpoint have to have 2 Public IPs just to use the device & Hide NAT?
> If so, why?
>
> So if you have 2 non-routable networks connected to the checkpoint using
> 2 interfaces, assuming you want each network to access the public
> internet, do you have to use Hide NAT and a public IP for each?  Or can
> you have 1 Hide NAT and have all traffic pass through that interface?
>
> Chris
>

--
AERAsec Network Services and Security GmbH
Wagenberger Stra�e 1
D-85662 Hohenbrunn, Germany
http://www.aerasec.de

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================