Re: [FW-1] FW1 v4.1 on NT 4, Single external IP

Fri, 02 Nov 2001 13:05:47 -0800 

You could also use address translation to get this accomplished.

Yves Belle-Isle wrote:

> Yes in the followin configuration:
>
>             Internet 129.1.1.1
>                |
>                .
>               / \
>              /   \
>             /     \
>            / FW-1  \
>           /         \
>          +-----------+
>                | 192.168.1.1
>                | 192.168.1.2
>          +-----------+
>          |   Router  |
>          +-----------+
>                | 10.1.1.1
>               / \
>              /   \
>           FTP    HTTP servers
>      10.1.1.2    10.1.1.3
>
> You do a route add -p 129.1.1.1 mask 255.255.255.255 192.168.1.2
> and the router will dispatch it to 10.1.1.2 or 10.1.1.3 because the
> FW-1 send the packet to 10.1.1.2 or 10.1.3 depending on port (21 or 80)
>
> NO in the followin configuration:
>
>             Internet 129.1.1.1
>                |
>                .
>               / \
>              /   \
>             /     \
>            / FW-1  \
>           /         \
>          +-----------+
>                | 10.1.1.1
>               / \
>              /   \
>           FTP    HTTP servers
>      10.1.1.2    10.1.1.3
>
> It's because you need to use the Windows NT routing and you can't use the
> following syntax:
>
> route add -p 129.1.1.1:21 mask 255.255.255.255 10.1.1.2
> route add -p 129.1.1.1:80 mask 255.255.255.255 10.1.1.3
>
> You can route on a port basic, just IP address basic...
>
> At 12:43 2001-11-02 -0500, Tom Sevy wrote:
> >Is there a way in this scenario to route inwards by port/service?
> >
> >Singled External IP address on the FW, multiple internal IP addresses.
> >Map/route inbound FTP to one server, inbound HTTP to another?
> >
> >===============================================
> >To unsubscribe from this mailing list,
> >please see the instructions at
> >http://www.checkpoint.com/services/mailing.html
> >===============================================
> >
> >
>
> ------------------------------------------------------------
> Yves Belle-Isle V.P. VE2YBI YB17        Email: [EMAIL PROTECTED]
> Responsable des Systemes                Tel:  (819) 379-3446
> Sogi Informatique Ltee.                 Fax:  (819) 379-3449
> ------------------------------------------------------------
>
> ===============================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ===============================================

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

Reply via email to