Hi, I installed and administer the full SunScreen product for my company. I believe the SunScreen Lite product behaves in much the same way, but I have never actually used it. Do you have the browser (GUI) admin tool, or do you have to use the command line editor?
Also do you want to have permanent 1 to 1 IP NAT (typically used for mail or WEB servers), or do you want to dynamically assign 'legal' IP's from a pool, to internal machines on demand (typically used for desktop WEB browsing)? Or, of course a combination of both is possible. It may help if you understand that each NAT requires 2 entries in the NAT rules area. For example: - Suppose you have a machine with a 'non-legal' IP of 1.2.3.4 and you want to give it a permanent 'legal' IP of 5.6.7.8 you need to create two ADDRESS entries, one for each of the above IP's, using ADD NEW HOST 1. NAME non-legal-ip ADDRESS 1.2.3.4 DESCRIPTION whatever 2. NAME legal-ip ADDRESS 5.6.7.8 DESCRIPTION whatever and then you need to create the following 2 NAT rules:- 1. INDEX 1 SCREEN * MAPPING STATIC SOURCE * DESTINATION legal-ip TRANSLATED SOURCE * TRANSLATED DEST non-legal-ip DESC <whatever> 2. INDEX 2 SCREEN * MAPPING STATIC SOURCE non-legal-ip DESTINATION * TRANSLATED SOURCE legal-ip TRANSLATED DEST * DESC <whatever> Give me shout if you need more. Nick -----Original Message----- >Date: Sun, 20 Jan 2002 17:50:24 -0000 >From: "disarray0019" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: SunScreen Lite >Anyone out there have experience with SunScreen Lite? I'm trying to >setup NAT on my home LAN, but the documentation that Sun provides, >doesn't go in depth enough for my setup. _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
