[prev in list] [next in list] [prev in thread] [next in thread]
List: firewall-1
Subject: RE: [FW1] External to Internal NAT
From: Erik Skoog <eskoog () passkey ! com>
Date: 2000-07-31 14:24:26
[Download RAW message or body]
Thanks so much
-----Original Message-----
From: Thomas.Poole@gecits.ge.com [mailto:Thomas.Poole@gecits.ge.com]
Sent: Monday, July 31, 2000 10:24 AM
To: eskoog@passkey.com
Cc: fw-1-mailinglist@lists.us.checkpoint.com
Subject: RE: [FW1] External to Internal NAT
1) Create object using external address with static NAT selected
2) Put a 1:1 route entry on the gateway -ie, route add -p 209.1.1.1
172.10.1.1
3) Make sure you either have proxy arping on the firewall (arp on Unix,
local.arp on NT) or put a static route on your internet router so the return
packet destined for 209.1.1.1 knows to go to the firewall.
4) Use the object you created in a rule, allowing whatever traffic you want.
Thomas Poole
-----Original Message-----
From: Erik Skoog [mailto:eskoog@passkey.com]
Sent: Monday, July 31, 2000 9:54 AM
To: Firewall-1 Mailing List
Subject: [FW1] External to Internal NAT
I am in the process of trying to get an external to internal NAT working.
Here is the scenario: I am VPNing to a foreign Firewall using FWZ. The
address I am entering the firewall with is 209.x.y.z. (209.x.y.0 is also the
IP address range of my Firewall and encryption domain) Once inside the
foreign Firewall I need to pick up a 172.x.y.z address.
Here is the question: How do I get this to work? Is it as simple as
creating a network object on the foreign Firewall with the IP address of
209.x.y.z and selecting static NAT, ip address 172.x.y.z? I wouldn't think
so, but maybe.
Any Ideas?
Erik Skoog
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic