Hi *.
I'm facing an interesting problem when trying
to switch services from the old (Borderware) firewall
to FW-1.
We've got two boxes on two different DMZ, server
A will be the external DNS server and B the News
server. Both must be visible on the Internet via
static NAT'ing. To preserve the configuration from
the old firewall, both services must be presented
to the Internet using the same IP address.
I've set up manual NAT'ing
src dst port src dst port
dnssrv any DNS oldfw-ext = =
any oldfw-ext DNS = dnssrv =
newssrv any NNTP oldfw-ext = =
any oldfw-ext NNTP = newssrv =
I've added static arp. Here's the problem: What
do I do with the routing? Now I've added a static
route from oldfw-ext to dnssrv, and that service
does work. However, nntp traffic to our news server
is also routed to the dns server.
Can this be solved with FW-1?
I'm using FW1 4.0 SP5 on Solaris 2.6.
/Kristian
-----------------------------------------
Kristian Ejvind - [EMAIL PROTECTED]
System admin at SPP Investment Management
-----------------------------------------
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
