It's called hide-mode NAT in FW-1. An example NAT rule would look like
this (obviously you need an access rule as well):
ORIGINAL PACKET NATted PACKET
SOURCE DEST SOURCE DEST
internal-net ANY hide-addr ORIG
Hope this helps.
Jason
Todd Ginther wrote:
>
> Hello All,
>
> I haven't seen a FW-1 solution to something that I currently do with another
>firewall product - that is to be able to advertise a single IP out to the world
>(firewall external interface) and have the firewall direct inbound Internet traffic
>to different internal servers based soley on which port the firewall gets hit on.
>
> Example:
>
> -Advertised IP address is abc.123.123.1
>
> -Traffic hits abc.123.123.1:18000 gets redirected
> to an internal server, machine alpha.
>
> -Traffic hits abc.123.123.1:19500 gets redirected
> to a different internal server, machine beta.
>
> Any ideas? I would prefer not to have to use up a bunch of IP's to do one-to-one
>NAT.
>
> Thanks in advance, all!
>
> Regards,
>
> -Todd
>
> _____________________________________________________________
> Want a new web-based email account ? ---> http://www.firstlinux.net
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
