Valerie,
> The question was specificly about if using NAT with Firewall-1
> would weaken the security, and I still say it will not hurt you in
> that fashion.
Agreed. :)
> I'm not sure why you wouldn't use an encrypted tunnel in the first place,
> if the traffic was going over a network where your IPs weren't valid
> (presumably the Internet), to another private network where they were.
> That is definitely more secure! :-)
Uff... to be precise the application was sitting on a DMZ with
non internet IPs and non-intranet IPs. We have many devices in the
intranet that expect only some IP classes.
The path that the application took internally was completely
safe... however we found out too late that the application didn't like
NATing (it's a commercial web app) and we had to VPN internally which
caused us a non-expected administrative overhead.
-- p.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
