-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Sascha Picchiantano Sent: Tuesday, March 29, 2005 12:32 PM To: [email protected] Subject: [FW-1] Basic NAT question
Hi, NAT has always confused me and probably will always do. So please have some patience with me :) Question. Say you have a very common network topology: Internal, DMZ, External (Internet). You use an automatic HideNAT rule to hide your internal network behind the external gateway IP address. This will create two rules, one saying that internal talking to internal will not be natted while internal to any will be natted. Does that mean my traffic to the DMZ is also natted? (because the automatic rule created source:internal, destination:any ->NAT(H))? >>>yes If that's true, automatic NAT means a lot of work eventually because you have to explicitly turn off natting between the segments that you don't want natted. Does that make any sense? :) >> in a way, yes What is everyone using here? Manual or automatic NAT? >>both Thanks Sascha ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
