Good question. In that I was going to pose the same one.
My thinking is that if you have devices hidden behind another address other than the
real firewall external address, then you'll still need to proxy arp the address to the
firewall interface. So what is the difference?
Any attack on the proxied IP is an attack at the same physical interface so, so what?
Paul.
>>> "Goetz, Jarrett" <[EMAIL PROTECTED]> 5/9/2001 06:41:06 am >>>
How would all of you rate the degree of the benefit of making your public
NAT HIDE address that not of the firewall's external interface, but of
another IP, only used for that particular purpose?
Thanks in advance.
---------------------------------------------------------------------------------------------------------------------------
CRESTCo Ltd. The views expressed above are not necessarily those
33 Cannon Street. held by CRESTCo Limited.
London EC4M 5SB (UK)
+44 (020) 7849 0000 http://www.crestco.co.uk
---------------------------------------------------------------------------------------------------------------------------
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
