Yes in the followin configuration:
Internet 129.1.1.1
|
.
/ \
/ \
/ \
/ FW-1 \
/ \
+-----------+
| 192.168.1.1
| 192.168.1.2
+-----------+
| Router |
+-----------+
| 10.1.1.1
/ \
/ \
FTP HTTP servers
10.1.1.2 10.1.1.3
You do a route add -p 129.1.1.1 mask 255.255.255.255 192.168.1.2
and the router will dispatch it to 10.1.1.2 or 10.1.1.3 because the
FW-1 send the packet to 10.1.1.2 or 10.1.3 depending on port (21 or 80)
NO in the followin configuration:
Internet 129.1.1.1
|
.
/ \
/ \
/ \
/ FW-1 \
/ \
+-----------+
| 10.1.1.1
/ \
/ \
FTP HTTP servers
10.1.1.2 10.1.1.3
It's because you need to use the Windows NT routing and you can't use the
following syntax:
route add -p 129.1.1.1:21 mask 255.255.255.255 10.1.1.2
route add -p 129.1.1.1:80 mask 255.255.255.255 10.1.1.3
You can route on a port basic, just IP address basic...
At 12:43 2001-11-02 -0500, Tom Sevy wrote:
>Is there a way in this scenario to route inwards by port/service?
>
>Singled External IP address on the FW, multiple internal IP addresses.
>Map/route inbound FTP to one server, inbound HTTP to another?
>
>===============================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>===============================================
>
>
------------------------------------------------------------
Yves Belle-Isle V.P. VE2YBI YB17 Email: [EMAIL PROTECTED]
Responsable des Systemes Tel: (819) 379-3446
Sogi Informatique Ltee. Fax: (819) 379-3449
------------------------------------------------------------
===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================
