1)Static arp for the external addresses of each of the hosts, either with
local.arp (NT) or issue arp commands for each host (Unix)
2) Create valid 1:1 routes on the gateway for each host
3) Put in a rule to allow external access in bound to these hosts
4) Make sure you have created the objects correctly and used "static nat"
for static addressing
Do you really want to setup static addressing for each internal host
outbound? Why not segment the hosts that require ftp to a seperate DMZ, and
create a single hide NAT rule for outbound connectivity?
Thomas Poole
-----Original Message-----
From: Ben Cuthbert [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 11, 2000 3:48 PM
To: Firewall Mailing List
Subject: [FW1] Static NAT
Hi all
I have setup a static nat network
were each of my internal hosts nats to a valid internet ip......
can someone tell me why i can't ftp to one of these internal hosts,
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
