--- John Qian <[EMAIL PROTECTED]> wrote:
> Hi all,
> I'm using NAT from Internal network 10.10.0.0 to
> External network 207.x.x.0 (Hide & Static). Now I
> try to use DMZ 198.x.x.0 which has public ip
> addresses. My plan is not to NAT bet. DMZ &
> External, No NAT bet. Internal & DMZ, just keep
> existing NAT bet. Internal & External.
> I noticed my traffic from Internal to DMZ is
> translated to Hide ip address ( 207.x.x.x) before it
> reach DMZ host.
> Is my plan ok ?
> How can I make sure traffic Bet. Internal & DMZ go
> straight without NAT ?
> Anyone has sample rule config ?
>
> Thanks
> John Qian
>
You have to make a NAT rule bet. Internal & DMZ that
don't change the ip addresses. It should looks like
that:
Original Packet
Source = Internal
Destination = DMZ
Protocol = Any
Translated Packet
Source = Original
Destination = Original
Protocolo = Original
So all the traffic bet Internal & DMZ should use this
NAT rule (that doesn't NAT). The traffic bet Internal
& External will continue using the other NAT rule that
you have.
Best regards
Key Chavez
__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - Buy the things you want at great prices.
http://auctions.yahoo.com/
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
