Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Outbound NAT on INTERNAL interface (rollover from Gauntlet)

To: "Jason Frankum" <[email protected]>, <[email protected]>
Subject: RE: [FW1] Outbound NAT on INTERNAL interface (rollover from Gauntlet)
From: "Lars Troen" <[email protected]>
Date: Mon, 9 Jul 2001 11:02:03 +0200
Importance: Normal
In-reply-to: <[email protected]>
Sender: [email protected]

Muknarf,
This can be easily done with firewall-1 too. Just make a workstation object
containing the internal ip address of the firewall. Make a NAT rule where
you use this object to hide the internal networks behind. You might also
need to hide your firewall's external ip address behind this address, and
it's possible to make a similar rule for that (if you need external access
from the firewall itself).

Lars

-----Original Message-----
From: [email protected]
[mailto:[email protected]]On Behalf Of
Jason Frankum
Sent: Friday, July 06, 2001 23:11
To: [email protected]
Subject: [FW1] Outbound NAT on INTERNAL interface (rollover from
Gauntlet)



All,

This is NOT my setup, so please be gentle.

I am converting a Gauntlet 5.0 on BSDI to CP 4.1 SP3 on Solaris 2.6.  They
are sitting side by side on the same subnet, with a choke router inside and
out, and each 3rd party connection is being rolled over one at a time.  It
is an Extranet setup, with no DMZ.  The Gauntlet has the capability to NAT
the private internal networks' source addresses outbound to the address of
the internal interface of the firewall.  I am struggling trying to find if
or how it can be done on the CheckPoint.

I cannot do the NAT on the external interface of the CP because the
applications of some of the connections we are converting are in-house
designed to use the address of the internal interface of the existing
firewall for gateway communication.  Changing the routing inside the
firewall is not an option due to the routing issues and the number of
firewalls they have.  If any of you has any ideas I would appreciate the
input.

Thanks,

Muknarf
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] Outbound NAT on INTERNAL interface (rollover from Gauntlet)
  - From: "Jason Frankum" <[email protected]>

Prev by Date: RE: [FW1] Sizing Recommendations
Next by Date: [FW1] VOIP between cisco routers with FW-1
Previous by thread: [FW1] Outbound NAT on INTERNAL interface (rollover from Gauntlet)
Next by thread: [FW1] Outbound NAT on INTERNAL interface (rollover from FW1 to Gauntlet)
Index(es):
- Date
- Thread