[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Dual static NAT to same IP address?
Hi *. I'm facing an interesting problem when trying to switch services from the old (Borderware) firewall to FW-1. We've got two boxes on two different DMZ, server A will be the external DNS server and B the News server. Both must be visible on the Internet via static NAT'ing. To preserve the configuration from the old firewall, both services must be presented to the Internet using the same IP address. I've set up manual NAT'ing src dst port src dst port dnssrv any DNS oldfw-ext = = any oldfw-ext DNS = dnssrv = newssrv any NNTP oldfw-ext = = any oldfw-ext NNTP = newssrv = I've added static arp. Here's the problem: What do I do with the routing? Now I've added a static route from oldfw-ext to dnssrv, and that service does work. However, nntp traffic to our news server is also routed to the dns server. Can this be solved with FW-1? I'm using FW1 4.0 SP5 on Solaris 2.6. /Kristian ----------------------------------------- Kristian Ejvind - [email protected] System admin at SPP Investment Management ----------------------------------------- ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|