You'll need to create network objects for the branch offices (Branch1,
Branch2), presumably the internal network (Int) object is already there.
Choose new "Network" objects rather than individual work stations, if the
company's security policy allows to do so. Then in your firewall policy,
under the "address translation..." tab, add the following rules:
Original Packets Translated Packets
Source Destination Service Source Dest. Serv.
Int Branch1 Any =Orig =Orig. =Orig.
Branch1 Int Any | | |
Int Branch2 Any | | |
Branch2 Int Any V V V
And so on, if you have more destination where no NAT-ing needed.
Otto
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, February 12, 2001 7:00 AM
Subject: Static Mode NAT in Checkpoint
> Hi All,
> I have a Checkpoint firewall and has four interfaces. One interface
> is connected to internet, one interface is connected to my internal
network
> and the other two interfaces are connected to the leased lines connected
to
> my branch office. Here I need to do NAT based on destination. If a
> particular client wants to go to my branch office NAT should not happen.
If
> he goes to Internet NAT should happen. How can I do this. This has to be
> applied to each and every client in my internal network. I have heard that
> Static mode NAT in Checkpoint will happen only from client to client
(Point
> to point), not for Network to client. Is this true. Please clarify me.
>
> Thanks & Regds.,
> Babu
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
