Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Redirect trafic on FW1-4.1?

To: [email protected]
Subject: Re: [FW-1] Redirect trafic on FW1-4.1?
From: Ian Gilfillan <[email protected]>
Date: Thu, 12 Dec 2002 16:26:46 -0000
Importance: Normal
In-reply-to: <[email protected]>
Organization: Trading Sports
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Depending on your platform it is pretty straight forward. ProxyARP the
external address then add a route between the 2 addresses with a rule
allowing specific traffic.
As for the second part, Why? Surely it would be aVPN to the internal
Address.
Ian

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]] On Behalf Of Johan
Sunnerstig
Sent: 12 December 2002 15:52
To: [email protected]
Subject: [FW-1] Redirect trafic on FW1-4.1?


Hi.
Im wondering if it's possible to have an internal host, let's call it
192.168.1.50, running some service, say a webserver or ftp server, and
have FW-1 redirect requests sent to a public address? Say you have one
box, 192.168.1.50, and you need to let people in to it from the outside,
but getting another box to do proxying, or putting this host on a public
address is out of the question. Is there a way to work this out with
FW-1 4.1?

I've done this with OpenBSD/PF, where the rule would look something
like: rdr on if1 proto tcp from any to 150.160.170.180 port x ->
192.168.1.50

Anything similar one can do with FW-1?

Oh and to expand on that a bit, a more hypothetical question, could one
create a VPN connection to this "fake" host(150.160....) and have that
reach the internal host as well? Something like this(sorry my graphical
abilities are...lacking, I know ( VPN_West - VPN-GW-W - Internet -
VPN-GW-E - VPN-East(fake host) ) rdr-> 192.168.1.50

If anyone can help me out here you'll make my day, a few days in fact :9

Regards
Johan
________________________________________________________________________
____
_____

How many Microsoft engineers are needed to screw a light bulb ?? None.
Microsoft declares darkness the standard.

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Follow-Ups:
- Re: [FW-1] Redirect trafic on FW1-4.1?
  - From: Bill <[email protected]>

References:
- [FW-1] Redirect trafic on FW1-4.1?
  - From: Johan Sunnerstig <[email protected]>

Prev by Date: Re: [FW-1] Backup FP3
Next by Date: Re: [FW-1] FW-1 Linux with compiled kernel
Previous by thread: [FW-1] Redirect trafic on FW1-4.1?
Next by thread: Re: [FW-1] Redirect trafic on FW1-4.1?
Index(es):
- Date
- Thread