Well, it seems that there are no limits to the mind.
The solution is to perform static routing on the firewall that will route
every incoming traffic from unit1 to unit2. This shall route every incoming
traffic from unit1 to unit2.
Then you have to set the manual NAT rule redirecting SMTP traffic from unit1
to unit2, and the complimentary source NAT rule.
The sting is: since the FW doesn't perform the routing, traffic shall still
reach the units2, what about the traffic needed to reach unit1 (pop, etc').
All you have to do is to enable IP forwarding in the NT TCP/IP properties.
This I think, is a configuration we hadn't seen yet.
With thanks to Dmitry Rubinshtein.
Original Message:
Hi all,
I'm using FW 4.0, SP3 on an NT machine.
I have two units in the DMZ that are accessible from the
outside.
The first is DNS registered and the second is not.
Before, both my SMTP and POP were routed to the first one
mail.domain.
Now I've added another unit, that is my SMTP.
I would like to create a NAT rule in the firewall that
states that any
outside traffic coming to the first unit with SMTP, shall be
NAT'ed to the
second unit IP address, laving the source and service
intact.
I've tried the manual NAT at the rule base and it doesn't
seem to work.
When I remove the NAT and connect directly to the second
unit, I get an
answer so it's not a problem with the unit configuration
Regards,
Email: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
