[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Port-sensitive redirection to multiple servers using on e single Hide-NAT address
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > -----Original Message----- > From: [email protected] > [mailto:[email protected]] Sent: Thursday, October 05, > 2000 8:42 PM > > Dgianna, > > If you perform this, then what is the static route on the > gateway going to > look like when the destination packet is destined for 4 or 5 > physical servers? > > Thomas Poole Somewhat irrelevant. You need the static route to route through the firewall, remember NAT occurs last on inbound connections (on the internal I/F). In my case, I have a static route set up to the default machine, not the others. However, the route is not important once the packet hits the wire. When I first tinkered with this, I thought that there maybe was an ICMP redirect that bounced the packet off the default and onto the target machine. I checked, there is none. Even with the machine, that is defined in the route entry, turned off, packets will still hit the other servers. Regards, Frank -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.1 Comment: PGP or S/MIME encrypted email preferred. iQA/AwUBOd1GFERKym0LjhFcEQLfJgCaA9kaKz0dSjE8teHlYzyOxcTcKz0AoMRk VTvY902KpXVhK1JAkyGr8ETB =OoNM -----END PGP SIGNATURE----- ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|