Robert, All, Thank you very much. It is Mr, and you can call me Stefan ... The FW is keeping track of the NAT when it is Hide mode, but I am not sure when it is a static NAT. I did cionfigure the FW with Hide mode in my previous company, but in my new company everything is configure with Static. The guys did configure both ways here, and I wonder if it is correct. As I need to address this before the audit point, I will appreciate any help. I can test that on the live system. I tried to find in th edoc I have and on phone biy, but it ws not mentionned if FW was keeping track of addresses for the return packets. Anybody can help me ? Thanks, Xavier -----Original Message----- From: Robert MacDonald [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, July 12, 2000 12:40 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [FW1] static NAT, is the outbound only enough ? Cisco (or is it Mr./Ms. Wave :), Just outbound NAT should be fine. The fw should keep track of it from there. Robert - - Robert P. MacDonald, Network Engineer e-Business Infrastructure G o r d o n F o o d S e r v i c e Voice: +1.616.261.7987 email: [EMAIL PROTECTED] >>> Cisco Wave <[EMAIL PROTECTED]> 7/5/00 3:52:34 AM >>> Dear All, Regarding static NAT, do we need to have both inbound and outboubnd NAT, or only one outbound NAT is enough and FW1 is mart enough to know the inbound NAT ? For example, which one is the most correct : Rule A.B.C.D -> W.X.Y.Z TCP Accept (outbound) (TCP established are accepted, so no need for the rule inbound) with only this NAT ? NAT A.B.C.D->W.X.Y.Z translated 1.2.3.4->6.7.8.9 or with both NAT ? NAT A.B.C.D->W.X.Y.Z translated 1.2.3.4->6.7.8.9 6.7.8.9->1.2.3.4 translated W.X.Y.Z->A.B.C.D Thank you, ===== We are NOT Cisco Inc. __________________________________________________ Do You Yahoo!? Get Yahoo! Mail � Free email you can access from anywhere! http://mail.yahoo.com/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
