Brian,
I think what you want to do is more commonly referred to as "port
mapping" (or "port forwarding" in the Linux community). PAT is a term
introduced by Cisco, and it is equivalent to what Check Point users call
"Hide NAT" (aka Dynamic NAT).
PAT definition from Cisco's website:
Q: What is Port Address Translation (PAT), or "NAT overloading"?
A: Also called Port Address Translation (PAT) or port-level multiplexed
NAT, NAT "overload" is used to translate all "internal" (local) private
addresses to a single "outside" (global - usually registered) IP
address. Unique port numbers on each translation are used to distinguish
between the conversations.
Dynamic NAT definition from Check Point's website:
Dynamic NAT provides users access to the Internet while conserving
registered IP addresses and hiding the actual IP addresses of network
resources. Dynamic mode uses a single IP address to hide all internal
network resources.
More NAT info:
http://www.uq.net.au/~zzdmacka/the-nat-page/index.html
Many routers support port mapping. Port forwarding is a feature of the
latest Linux kernel. I've never tried to do it with FW-1 rules, but the
method Carl suggested might work. Good luck.
HTH,
Mark L. Decker
Rainfinity
[EMAIL PROTECTED]
www.rainfinity.com
(408) 382-4870
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
