Yes, you did it right.
Sun
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Iztok Umek
> Sent: Wednesday, January 10, 2001 2:18 PM
> To: [EMAIL PROTECTED]
> Subject: [FW1] NAT & spoofing
>
>
>
>
>
> I just configured FW-1 4.1 SP3 (RedHat 6.2).
>
> I did use "Hide" NAT for all the network with exception of host for
> Exchange OWA which has different "Static" NAT.
>
> I did add route and arp for that external address. In order to work I
> first had to remove spoofing protection on the FW-1 internal
> interface.
>
> Figuring out that this is not good I was playing around and did next
> thing:
>
> On internal interface instead of "This net" I had to use "Specific",
> where I put "Internal Network" + "External IP of NATed
> machine" (in one
> group).
>
> Is this normal way of doing it or did I do something wrong with route
> and arp so I had to "correct" it with spoofing rules.
>
> Regards,
> Iztok
>
>
> ==============================================================
> ==================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
