> Nick,
> Thanks for the info.
> As I understand it, the routing table entries are only needed
> for destination static NAT because the destination IP address
> gets changed by this type of NAT, and it's the destination IP
> which controls routing. However, I'm using source hiding NAT
> which only changes the source address of the packet and only
> needs a routing change to allow the return packets back to the
> single hiding address.
Roy,
You are correct, I jumped the gun. I just realized you are using
route'able addresses behind the firewall - no static route (on the fw) or
default gateway for the client will be needed. If the internal addresses
were non-route'able - this would not work. It would require your internal
clients to have default routes via the firewall (which would defeat your
overall purpose & you would have to have static nat for each internal
host (what a mess) in order to get inbound hide-nat to work).
-Nick
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
