RE: [fw-wiz] NAT Based on Service with only one legal IP

• Previous message: Hilal Hussein: "[fw-wiz] Configuring firewall for access a webbase application"
• In reply to: Ben Nagy: "RE: [fw-wiz] NAT Based on Service with only one legal IP"
• Next in thread: manatworkyes moderator: "RE: [fw-wiz] NAT Based on Service with only one legal IP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Ben Nagy <ben@iagu.net>, firewall-wizards@honor.icsalabs.com
Date: Wed, 21 May 2003 13:39:49 +0100 (BST)

A typical scenario is a small office LAN
comprised of SMTP, FTP and HTTP servers with internal
IPs and a xDSL broadband connection to the outside
world with only one dynamically assigned legal IP

FW-1 can not handle the dynamically assigned IP

> I suspect that any of these new
> 'appliances' that have
> software to deal with xDSL, where addresses are very
> frequently assigned,
> will be able to cope with this - it's just a
> question of how much you call
> them 'firewalls'. The basic problem is that if the
> box itself isn't involved
> in negotiating the IP address it becomes ugly.

Has anyone seen/used an xDSL appliance that can do
service based NAT with only one dynamically assigned
legal IP?

>
> So, in short, moving your NAT to the network border
> and doing it on your
> screening router is one option. That might also
> break other stuff that you
> do, like VPNs. Who knows.
>
> ben
>
> > -----Original Message-----
> > From: firewall-wizards-admin@honor.icsalabs.com
> > [mailto:firewall-wizards-admin@honor.icsalabs.com]
> On Behalf
> > Of W. Builder
> > Sent: Tuesday, May 20, 2003 5:43 PM
> > To: firewall-wizards@honor.icsalabs.com
> >
> > Dear Gurus
> >
> > Service based NAT with only one legal IP can be
> done with
> > Checkpoint FW-1 NG but not for dynamically
> allocated legal IP
> >
> > http://www.phoneboy.com/fom-serve/cache/86.html
> >
> > Are there any other non-CheckPoint firewall s/ware
> products
> > or appliances that can do this with both one legal
> static IP
> > ? With one dynamically assigned legal IP?
> >
> > Many thanks
> > W.Builder
>

__________________________________________________
It's Samaritans' Week. Help Samaritans help others.
Call 08709 000032 to give or donate online now at http://www.samaritans.org/support/donations.shtm
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Hilal Hussein: "[fw-wiz] Configuring firewall for access a webbase application"
• In reply to: Ben Nagy: "RE: [fw-wiz] NAT Based on Service with only one legal IP"
• Next in thread: manatworkyes moderator: "RE: [fw-wiz] NAT Based on Service with only one legal IP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]