Other way (again depending on the NAT solution on that Firewall) is that you
can use a two way assignment on NAT telling it that the Internal Address is
just that Real External Address, and the NAT do it automatically for output
and input connection.
This is useful when you don't want to assign a real IP Address on the TCP/IP
stack of the Internal System (Example: Web Server). Helpful only for
administrative purpose, not for security reasons.
-marco
-----Original Message-----
From: J. T. B. [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 26, 1999 11:36 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Secure Computing Corporations "Sidewinder" and disabling
NAT. ..
There's no "security" difference in NAT or not NATING to an internal host,
if your connecting to the host you're there, NAT or not...
As for the original question, I'm going to assume the host in question has a
real world address, If not, forget it, it's not going to work anyway. If so
you should have no problem depending on your network infrastructure.
I'm not familiar with Sidewinder per say, but with most firewalls that do
NAT you can configure hosts individually, just set that one host without
NAT.
>From: "Lee, Dana-Renee" <[EMAIL PROTECTED]>
>To: "'Steve Newbury'" <[EMAIL PROTECTED]>,
>"'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
>Subject: RE: Secure Computing Corporations "Sidewinder" and disabling
>NAT. ..
>Date: Tue, 26 Oct 1999 07:21:59 -0500
>
>Why would you want to open up a hole in your firewall? I would recommend
>you find another resolution to why you want to turn off the NAT feature.
>Just my 2 cents.
>
>Renee Lee
>UTHSCSA
>
> -----Original Message-----
>From: Steve Newbury [mailto:[EMAIL PROTECTED]]
>Sent: Monday, October 25, 1999 12:58 PM
>To: '[EMAIL PROTECTED]'
>Subject: FW: Secure Computing Corporations "Sidewinder" and disabling
>NAT. ..
>
> > Hello,
> >
> > I was wondering if anybody has specific knowledge on Secure Computing
> > Corporations "Sidewinder" firewall product. In particular, I was
> > interested to find out if it is possible to turn of NAT (Network Address
> > Translation) for a particular IP address. That is, exclude one IP
>address
> > from using NAT, and therefore allow direct access to this host. I would
> > appreciate if replies were sent directly to me.
> >
> > Thanks,
> >
> > Steve Newbury
> > Microsoft Dev. Support Eng.
> > mailto:[EMAIL PROTECTED]
> >
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
