Babu;
Define network objects for the internal network and the the two branch
ofice networks. Using those objects you can then create static NAT
rules manually under your NAT policy tab, in an order that logically
performs or does not perform NAT for the destination in question.
Specifically, you have NAT rules first that do not NAT when going from
internal network to branch 1 or branch 2. Then after those rules, you
have a rule that does NAT going to the internet, where the internet does
not have an object, of course, but is simply a destination of "any".
HTH,
Michael
[EMAIL PROTECTED] wrote:
>
> Hi All,
> I have a Checkpoint firewall and has four interfaces. One interface
> is connected to internet, one interface is connected to my internal network
> and the other two interfaces are connected to the leased lines connected to
> my branch office. Here I need to do NAT based on destination. If a
> particular client wants to go to my branch office NAT should not happen. If
> he goes to Internet NAT should happen. How can I do this. This has to be
> applied to each and every client in my internal network. I have heard that
> Static mode NAT in Checkpoint will happen only from client to client (Point
> to point), not for Network to client. Is this true. Please clarify me.
>
> Thanks & Regds.,
> Babu
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
