No, just don't do automatic NAT rules. If you set-up NAT "by hand" you can
have tso rules:
Original Packet Translated Packet
Src Dest Serv Src Dest Serv
any 209.46.53.10 http original 192.168.1.1 http
any 209.46.53.10 smtp original 192.168.1.2 smtp
Should work.
Chris
-----Original Message-----
From: Shadrick Tveit
To: 'Jeff Ensminger'; 'fwmailing'
Sent: 1/18/01 1:50 PM
Subject: RE: [FW1] Splitting NAT to two Different Severes
I think you will be stuck aquiring a second valid ip address.
You must have a valid IP address for clients to initiate communication
over
the net.
-Shad
-----Original Message-----
From: Jeff Ensminger [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 18, 2001 10:35 AM
To: [EMAIL PROTECTED]
Subject: [FW1] Splitting NAT to two Different Severes
I am at a roadblock on how to solve this issue:
On an NT network I want to host the website for domain "onlydomain.com"
on a
web server (192.168.1.1),
and host email for the same "onlydomain.com" on a separate email server
(192.168.1.2).
Both servers reside the same one fw-1 server.
I only have one public IP (209.46.53.10)available to use for both NATs.
I have created net objects for both as such:
webserver valid=209.46.53.10, real=192.168.1.1
mailserver valid=209.46.53.10, real=192.168.1.2
I have the proper .arp entry of "209.46.53.10 [mac address of fw-1
ext
nic]".
I have rules allowing for access (in and out) for both servers with the
proper protocols (HTTP, and SMTP, Pop3, respectively).
The problem is that only the mail requests are properly routed. The web
requests are routed to the mail server also, resulting in a page error
for
the client browser.
Regardlesss of the rule-order of the two, the same result occurs.
However, if I delete the net object of the mailserver, the web requests
are
fulfilled properly.
Is it not possible to use one public IP to address both email and web
server
for the same domain, through NAT?
I have received a couple of good suggestions, but don't seem to solve
the
issue.
I also have been all through Phoneboy's site (many times) to no avail.
Does anyone know how to perform this feat?
Thanks to all for at least scratching your heads to see if anything
comes
up!
Jeff "Gus" Ensminger
Network Administrator
RGI Marketing Group, inc.
Orlando, FL
407-339-7111 ext. 104
http://www.rgimarketing.com
<<...OLE_Obj...>>
========================================================================
====
====
To unsubscribe from this mailing list, please see the instructions
at
http://www.checkpoint.com/services/mailing.html
========================================================================
====
====
========================================================================
========
To unsubscribe from this mailing list, please see the instructions
at
http://www.checkpoint.com/services/mailing.html
========================================================================
========
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
