Yes, it's possible, but I'm wondering what you are trying to do. I've seen
many arguments on whether or not this should be done. You can hide behind
any external address you own. What simplifies the external fw nic, is not
having to deal with arp issues. Remember- when you hide behind an address
that is not in use, you still have to proxy arp for it, so the downstream
router can find you.
-tp
-----Original Message-----
From: Larry Haff [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 08, 2000 7:44 PM
To: [EMAIL PROTECTED]
Subject: [FW1] Hide Internal Network NOT Using the FW's External IP
Hi All,
In trying to have a FW be as invisible as possible, I have often wondered if
it would be desirable, or even possible, to hide the portion of a LAN that
is not using NAT behind an IP address other than the one assigned to the
external interface of the FW. Has anyone tried this? If yes, can you offer
guidance?
Larry Haff
Network and Technical Administrator
Institute of Computer Technology
Email: [EMAIL PROTECTED]
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
