RE: [fw-wiz] NAT Based on Service with only one legal IP

From: Ahmed, Balal (balal.ahmed_at_cgey.com)
Date: 05/21/03

  • Next message: Luciano Z: "[fw-wiz] performance management on pix firewalls"
    To: "'W. Builder'" <xbuilder@yahoo.com>, firewall-wizards@honor.icsalabs.com
    Date: Wed, 21 May 2003 16:49:47 +0100
    

    I dont know if I have understood your question correctly. Do you mean you
    have one legal static IP address OR one legal DHCP and you wish to perform
    hide nat (NAPT) on outbound traffic.

    If so you can do this on the PIX with either the fixed IP or the DHCP
    address. This in addition to the port redirection feature in PIX version 6.0
    and above will allow you to host services that reside on your inside
    network. You can use the keyword INTERFACE in PIX static and global
    commands, this ensures your config does not need updating if your IP address
    changes. This looks like a really handy feature for DSL users.

    See this link for more info

    http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note0918
    6a0080094aad.shtml

    HTH

    -----Original Message-----
    From: W. Builder [mailto:xbuilder@yahoo.com]
    Sent: 20 May 2003 16:43
    To: firewall-wizards@honor.icsalabs.com
    Subject: [fw-wiz] NAT Based on Service with only one legal IP

    Dear Gurus
     
    Service based NAT with only one legal IP can be done
    with Checkpoint FW-1 NG but not for dynamically
    allocated legal IP

    http://www.phoneboy.com/fom-serve/cache/86.html

    Are there any other non-CheckPoint firewall s/ware
    products or appliances that can do this with both
    one legal static IP ? With one dynamically assigned
    legal IP?
     
    Many thanks
    W.Builder
     
     

    __________________________________________________
    It's Samaritans' Week. Help Samaritans help others.
    Call 08709 000032 to give or donate online now at
    http://www.samaritans.org/support/donations.shtm
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

    ********************************************************************************************
    " This message contains information that may be privileged or confidential and
    is the property of the Cap Gemini Ernst & Young Group. It is intended only for
    the person to whom it is addressed. If you are not the intended recipient, you
    are not authorized to read, print, retain, copy, disseminate, distribute, or use
    this message or any part thereof. If you receive this message in error, please
    notify the sender immediately and delete all copies of this message ".
    ********************************************************************************************

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Luciano Z: "[fw-wiz] performance management on pix firewalls"