Hi, have you ever tried to use vlan ??? you can create a tagged vlan at server interface - one subinterface pointing to a static nat rule to internet and another subinterface pointing to a static nat rule to intranet.
i think this can solve your problem. Marcos --- Sergio Alvarez <[EMAIL PROTECTED]> escreveu: > You will be able to achieve that with two separate > manual NAT rules, but > ONLY if there is a way to differentiate between > traffic sent/received > through eth1 and eth2. For example if you pass > traffic through one interface > to reach (or receive from) network A and through the > other to get to network > B, or if you use eth1 for SMTP and eth2 for FTP. > That way to can tell your > firewall how to decide which manual NAT to use > depending on what you are > sending, otherwise it will never know which NAT rule > to use and even when > most likely you will be able to create both manual > NAT rules, only the first > one in the list will be used always. > > If you just have two Internet links and want for > traffic to go sometimes > through one external interface and sometimes through > the other, then this > will not work with just 2 NAT rules and what you > need is precisely to > configure "ISP Redundancy" on your firewall. > > Regards > > On 9/26/07, Jim Johnson <[EMAIL PROTECTED]> wrote: > > > > Yes it's possible, assuming each interface routes > to different > > non-overlapping networks. Create two outgoing > manual nat rules, one for > > each interface. The difference between the rules > is the "translated > > packet > > source address" (i.e. you static NAT IP) and the > "original packet > > destination netowork(s)" (i.e. where the traffic > is going). Don't forget > > to > > create the two corrpesonding return traffic NAT > rules. > > > > > > > > > > > -----Original Message----- > > > From: Mailing list for discussion of Firewall-1 > > > > [mailto:[EMAIL PROTECTED] > On Behalf Of Sunil > > > Sent: Wednesday, September 26, 2007 8:32 AM > > > To: [email protected] > > > Subject: [FW-1] Applying static NAT on two > interfaces for the > > > same internal Server > > > > > > Hi All, > > > > > > Does anyone know in Chekcpoint, is it possible > to create > > > seperate Static NAT for a single object on the > outgoing interfaces > > > > > > For eg: > > > > > > Server 1 -- NAT x.x.x.x -- Internet, traffic > goes thru > > > interface eth1 > > > Server 1 --NAt y.y.y.y -- Intranet , traffic > goes thru > > > interface eth2 > > > > > > Thanks, > > > John > > > > > > > > > > > > --------------------------------- > > > Pinpoint customers who are looking for what you > sell. > > > > > > > ================================================= > > > To set vacation, Out-Of-Office, or away > messages, > > > send an email to > [EMAIL PROTECTED] > > > in the BODY of the email add: > > > set fw-1-mailinglist nomail > > > > ================================================= > > > To unsubscribe from this mailing list, > > > please see the instructions at > > > http://www.checkpoint.com/services/mailing.html > > > > ================================================= > > > If you have any questions on how to change your > > > subscription options, email > > > [EMAIL PROTECTED] > > > > ================================================= > > > > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to > [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > > > -- > Sergio Alvarez > (506)8301342 > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > Abra sua conta no Yahoo! Mail, o único sem limite de espaço para armazenamento! http://br.mail.yahoo.com/ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
