RE: [fw-wiz] NAT Based on Service with only one legal IP
From: Ahmed, Balal (balal.ahmed_at_cgey.com)
Date: 05/21/03
- Previous message: Baba Jayeju: "[fw-wiz] Adding 2ndary IP to IPSO"
- Maybe in reply to: W. Builder: "[fw-wiz] NAT Based on Service with only one legal IP"
- Next in thread: Sloane, David: "RE: [fw-wiz] NAT Based on Service with only one legal IP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'W. Builder'" <xbuilder@yahoo.com>, firewall-wizards@honor.icsalabs.com Date: Wed, 21 May 2003 16:49:47 +0100
I dont know if I have understood your question correctly. Do you mean you
have one legal static IP address OR one legal DHCP and you wish to perform
hide nat (NAPT) on outbound traffic.
If so you can do this on the PIX with either the fixed IP or the DHCP
address. This in addition to the port redirection feature in PIX version 6.0
and above will allow you to host services that reside on your inside
network. You can use the keyword INTERFACE in PIX static and global
commands, this ensures your config does not need updating if your IP address
changes. This looks like a really handy feature for DSL users.
See this link for more info
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note0918
6a0080094aad.shtml
HTH
-----Original Message-----
From: W. Builder [mailto:xbuilder@yahoo.com]
Sent: 20 May 2003 16:43
To: firewall-wizards@honor.icsalabs.com
Subject: [fw-wiz] NAT Based on Service with only one legal IP
Dear Gurus
Service based NAT with only one legal IP can be done
with Checkpoint FW-1 NG but not for dynamically
allocated legal IP
http://www.phoneboy.com/fom-serve/cache/86.html
Are there any other non-CheckPoint firewall s/ware
products or appliances that can do this with both
one legal static IP ? With one dynamically assigned
legal IP?
Many thanks
W.Builder
__________________________________________________
It's Samaritans' Week. Help Samaritans help others.
Call 08709 000032 to give or donate online now at
http://www.samaritans.org/support/donations.shtm
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
********************************************************************************************
" This message contains information that may be privileged or confidential and
is the property of the Cap Gemini Ernst & Young Group. It is intended only for
the person to whom it is addressed. If you are not the intended recipient, you
are not authorized to read, print, retain, copy, disseminate, distribute, or use
this message or any part thereof. If you receive this message in error, please
notify the sender immediately and delete all copies of this message ".
********************************************************************************************
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Baba Jayeju: "[fw-wiz] Adding 2ndary IP to IPSO"
- Maybe in reply to: W. Builder: "[fw-wiz] NAT Based on Service with only one legal IP"
- Next in thread: Sloane, David: "RE: [fw-wiz] NAT Based on Service with only one legal IP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
