Hi Does anyone have an idea on this one, thanks gain --- On Thu, 4/2/10, Peter Addy <[email protected]> wrote:
From: Peter Addy <[email protected]> Subject: [FW-1] Checkpoint routing and NAT To: [email protected] Date: Thursday, 4 February, 2010, 14:07 Hi I have a question about routing and Nat with Hi I have a question about routing and Nat with checkpoint NGX and NG FP3 We have a NG FP3 firewall where we have a rule and a static Nat to a server So connections coming in are nat'd to a server going to the destination of 194.73.x.x are then static nat'd to a address 10.99.x.x We are going to move the server 10.99.x.x to sit behind another firewall which is running NGX R65, so can we simply put a Nat rule on the FP3 to static Nat to the new IP and replace the 10.99.x.x, with a 192.168.x.x. this then routes the packets to the NG FP3 firewall then to the NGX R65 firewall to go to the 192.168.x.x and with the rules and NAT set up on the NGX R65 will this work, will routing need to be modified on both firewalls and how will the packets route back, or can we route them back through the NGX R65 to the destination rather than going back through the FP3 firewall or do we have to route them back the same way the original packets comes in, that is incoming connection>NG FP3 rules and NAT> .. going to NGX R65 rules and NAT, then back the same way the traffic comes in or can we route simply out of the NGX R65 to the source address, or do we have asymmetric routing issues if we do this? Sorry if this is confusing, in simple terms we are moving a server behind one firewall to another but traffic will still go through the existing firewall until we have migrated everything of the old firewall? Thanks for your help Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
