"Cisco Wave" <[EMAIL PROTECTED]> wrote:
>Date: Tue, 8 Aug 2000 22:45:57 -0700 (PDT)
>
>Dear All,
>
>I would like to know if it is possible to NAT only the
>payload of DNS queries.
>
>What I would like to do, is not to change the routing,
>and not to translate any addresses in headers because
>it is working fine like this, I just need to translate
>the payload of the DNS reply from the DNS server in
>FW1 (ie changing
>from nameA<->IPexternal to
>nameA<->IPtranslated2internal).

This sounds like one head-spinning setup.  Have no idea why
you want to do it this way, this is a zillion times harder than
changing your routes.  First, you do not want to mess with
DNS answers.  Why query, and then mask the answer with one
of your own?  If the answer is x.y.z.z, make sure your FW
can get to x.y.z.z instead of making x.y.z.z look like something
else.  Don't know your ISP setup, but you should have rails
connecting you to your ISP POS routers.  On your FW you should
set this as the default route.  For your internal network
have a routing table, static or use gated, it's free.  Wherever
x.y.z.z is, when a packet hits your FW with the destination 
x.y.z.z, it will default to go to your ISP routers & to the
big Internet cloud.

CT


