Hello Vasu, I don't really think there is a Check Point feature you could use as replacement of PIX's DNS doctoring (if anybody else knows I would be very interested about it also), but I believe the result of using DNS doctoring can be achieved using manual NAT rules on Check Point.
A common scenario where you would use DNS doctoring is when you have a Public server on a DMZ and you would like for the machines on the internal network to be able to access it using it's domain name, but using an external DNS for the resolution, which off course resolves a public IP address. DNS Doctoring will modify the DNS resolution (which again I don't think is possible using Check Point), but if you create a manual NAT rule on Check Point that says that whenever the internal network goes to the public IP of the server on the DMZ, the source is not NATed, but the destination is NATed to the private IP on the DMZ, the traffic should in fact reach its destination. Off course this workaround would not affect the output of an nslookup issued on the internal hosts. I have never tried this, so I might be completely wrong, I just hope it works and please if it does let us know, as it would be very usefull when replacing a PIX with alias commands for a Check Point firewall. Regards On 10/16/06, Vasu Chetty <[EMAIL PROTECTED]> wrote:
Hello, Is there a DNS Doctoring feature (Cisco PIX) from Check Point Firewall NG AI R55. If so, please provide the details to confi. If this feature available in Checkpoint, what is the term that is called in Checkpoint. Thanks & Regards, Vasu CP ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
-- Sergio Alvarez (506)8301342 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
