I have a situation below :
The firewall module and management module was given only one IP address
155.21.86.106 (vaild IP address) subnetmask 255.255.255.128, gateway
155.21.86.1 (it is registered IP for the license part), the other LAN
segment is 155.21.84.208/29 (vaild IP address)
There are 3 network cards on this firewall NT server, which consist of
Internal,External,DMZ.
The internal will have
IP address 192.168.2.x,
External will have 155.21.84.x and
DMZ will have 192.168.1.x
So I want the firewall to translate internal IP which is 192.168.1.x to
external 155.21.84.x. (NOT 155.21.86.106)
So in order to make this work, first I configure external network card to
have IP address 155.21.86.106 and subnet mask 255.255.255.128 and gateway
155.21.86.1. Correct or the other way round? DO I NEED TO ADD 155.21.84.x
in the Advance option under TCPIP in the same network card?
If yes, is it just by doing the normal NAT procedure will do? Eg, configure
static NAT on the policy, add information on the local.arp and add a
statics route like "route add 155.21.84.1 192.168.1.10"
When the firewall do the NAT, must NAT translate only the same block of
external IP address which the firewall is registered? Eg, if to do NAT, the
NAT translation of external address must be 155.21.86.x since the firewall
ip is 155.21.86.106? True? Can it do 155.21.84.x instead?
Please advise. Thanks.
Best Regards,
Peter Tan
Certified Lotus Professional (CLP)
[EMAIL PROTECTED]
alterative email : [EMAIL PROTECTED]
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
