Yes....
Please reference CD 4.1.2 Secadmin.pdf
Page 479
Advanced Topics
Address Translation and Anti-Spoofing
......
Address Translation takes place as follows:
-for a packet going from the client (the initiator of the connection) to the
server, just before the packet leaves the interface closest to the server
-for a packet going from the server to the client, just after the packet
enters the interface closest to the server
There are diagrams in the pdf that do a better job of expaining where
anti-spoofing/rules/NAT occurs that one can tell in words.
General rule of thumb:
NAT ALWAYS happens @ the interface closest to the "server", in a client
server model/
Of course, in Next Generation (5.0) it's different.
Jon
Date: Mon, 18 Jun 2001 16:53:23 -0400
From: Jabal P Raval <[EMAIL PROTECTED]>
Subject: [FW1] what occurs first NAT or RULEBASE
in checkpoint firewall-1 4.1, what occurs first, when a packet comes in,
rulebase
checking or address translation?
Thanks/.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
