Chris Covington wrote: > > According to phoneboy: > > "FireWall-1 listens for any IP-based traffic on all interfaces but ones > deemed "external." In the NG release, external interfaces are defined in > the firewall's workstation object, topology tab. Multiple external > interfaces can be defined in NG, but FireWall-1 will not allow traffic > to be routed between the external interfaces. In 4.1 and earlier > releases, it is defined by the contents of the external.if file (see > What to Put in $FWDIR/conf/external.if? for details). Only a single > external interface is permitted in 4.1 and earlier releases." > > So it would seem impossible to have both a DMZ with Public IPs and the > external router interface with its Public IP in 4.1? Is anyone using a > DMZ without NAT and with Public IPs in 4.1?
The interface on your proctected network with registered IPs, your "DMZ" is an "internal" interface. -- Crist J. Clark [EMAIL PROTECTED] Globalstar Communications (408) 933-4387 The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact [EMAIL PROTECTED] ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
