This is what we do. We use a 192 address for DMZ areas. we use 10 net addresses for internal networks.
Then We also have the external addresses, so I have three addresses to use for communications. I have an exact object for external access. I have another for internal access I have another for a source address I do manual arps also. This way I know what can communicate with a rule if source is any. Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
