[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Redirect trafic on FW1-4.1?
Reverse NAT the traffic into the internal box. This would require creating an arp entry for the external address on the firewall, a rule that would allow the traffic to the external IP for the service, and a NAT rule that would NAT the traffic to the internal box. -Aaron -----Original Message----- From: Johan Sunnerstig [mailto:[email protected]] Sent: Thursday, December 12, 2002 8:52 AM To: [email protected] Subject: [FW-1] Redirect trafic on FW1-4.1? Hi. Im wondering if it's possible to have an internal host, let's call it 192.168.1.50, running some service, say a webserver or ftp server, and have FW-1 redirect requests sent to a public address? Say you have one box, 192.168.1.50, and you need to let people in to it from the outside, but getting another box to do proxying, or putting this host on a public address is out of the question. Is there a way to work this out with FW-1 4.1? I've done this with OpenBSD/PF, where the rule would look something like: rdr on if1 proto tcp from any to 150.160.170.180 port x -> 192.168.1.50 Anything similar one can do with FW-1? Oh and to expand on that a bit, a more hypothetical question, could one create a VPN connection to this "fake" host(150.160....) and have that reach the internal host as well? Something like this(sorry my graphical abilities are...lacking, I know ( VPN_West - VPN-GW-W - Internet - VPN-GW-E - VPN-East(fake host) ) rdr-> 192.168.1.50 If anyone can help me out here you'll make my day, a few days in fact :9 Regards Johan ____________________________________________________________________________ _____ How many Microsoft engineers are needed to screw a light bulb ?? None. Microsoft declares darkness the standard. ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|