Hi I was re-reading this response as i am experiencing problems with my fw-1 on this point: i.e. firewall-1 has to nat to external interfaces which are not in the same network address it belongs ot. fw1:external_interface: 200.10.50.1 And has to NAT-Hide to: 200.40.20.1 and 200.40.21.1 So far: I-ve assigned these addresses to router: 200.10.50.2 200.40.20.2 200.40.21.2 On fw-1 , i ve set a local.arp 200.10.50.1 200.40.20.1 200.40.21.1 Is there anything else I should do? Like adding manually these ip addresses as aliases to external interface or local.arp is enough? This configuration seems to work for intervals and suddenly , fw-1 "loses" its NAT rules on some hosts. Am i missing something? Thanks Jaime O. -----Original Message----- From: Lars Troen [mailto:[EMAIL PROTECTED]] Sent: Jueves, 08 de Marzo de 2001 07:48 a.m. To: Velasquez Venegas Jaime Omar Subject: RE: [FW1] FW-1 One External Interface- NAT to several public addresses 1. Set static routes to the alternative external ip addresses on you router, pointing to the firewalls external ip. -or- 2. Set a static arp entry for the two other external ip addresses on the firewall. Lars -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Velasquez Venegas Jaime Omar Sent: Thursday, March 08, 2001 1:09 PM To: 'FW1-MailingList (E-mail)' Subject: [FW1] FW-1 One External Interface- NAT to several public addresses My trusted network is defined by a few internal networks.FW-1 should do NAT every internal network to a different external public address: 192.168.1.0 -> Public_Network_1 192.168.2.0 -> Public_Network_2 192.168.3.0 -> Public_Network_3 Since the box running fw-1 has only one external interface , how should i overcome this problem? Thanks ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
RE: [FW1] FW-1 One External Interface- NAT to several public addresses
Velasquez Venegas Jaime Omar Tue, 08 May 2001 15:35:29 -0700
- [FW1] FW-1 One External Interface- NAT to sev... Velasquez Venegas Jaime Omar
- [FW1] FW-1 One External Interface- NAT t... Velasquez Venegas Jaime Omar
- RE: [FW1] FW-1 One External Interface- N... Ricardo Mirez Ballesteros
- RE: [FW1] FW-1 One External Interface- N... Luke, Jason (ISS Southfield)
- Velasquez Venegas Jaime Omar
