Vic, arp your router on an External ip on the firewall (dont forget to route to it) accept with a rule the traffic you are interested for.
Pete -----Original Message----- From: Vic G [mailto:fw1vic@;HOTMAIL.COM] Sent: Wednesday, October 30, 2002 10:56 AM To: [EMAIL PROTECTED] Subject: [FW-1] internal network/NAT (eventually VPN) I'm attempting to set this up, here is my config (be kind..) Very int IntDMZ FW External 15.x.x.x Router 10.10.10.x 10-12 12.x.x.x There is a router between "very internal", (which also has other routers to more internal nets...) I need a client on the outside(internet) to be able to get to an very internal host station (eventually VPN to a similar setup on other side). I have on my INT DMZ some hosts (Static Nat'd to the external address) and that works OK. The Router is static NAT'd as a workstation, with NAT enabled. (one IP is 10.x.x.x, other is 15.x.x.x)I've tried HIDE and STATIC (not sure what it should be...) The Internet router has static route statments to force the external address to the FW. How does someone on the Internet address (what could be) many internal addresses on the inside networks? All the examples I see are only 1 level deep (ie the 10.x.x.x is hide/natted to the outside). I need to get 1 more level in. What am I missing here? Vic _________________________________________________________________ Unlimited Internet access -- and 2 months free! Try MSN. http://resourcecenter.msn.com/access/plans/2monthsfree.asp ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
