Re: [fw-wiz] NAT sanity check
- From: "Halchishak, John" <john.halchishak@xxxxxxxxxxxx>
- Date: Tue, 6 Nov 2007 12:49:35 -0700
I don't see why it would not work with Checkpoint but it does with the
PIX Our PIX actually NAT's public spares to specific internal addresses
and PAT's one public for all other traffic out.
I'm hoping someone can provide a sanity check on the following
- i.e.: will it work?
I've got a /29 public network, addresses (say) .2 to .6, with default
gateway of .1. Can I place a Checkpoint firewall on .2 and have it use
remaining addresses for NAT'd services on the other side of the
I ask as I'm certain I've done this in the past, but I'm a few years out
doing firewall work and my current technical contact reckons this won't
- that the default gate will ARP for the address and the .2 firewall
respond; and that furthermore the only way to use the addresses would be
put a different subnet between the default gateway and the firewall and
route the /29 network to the firewall (which I agree will work, but...)
Also, would it work if the firewall was a PIX?
<insert sig line witticism here>
-------------- next part --------------
An HTML attachment was scrubbed...
firewall-wizards mailing list
- Prev by Date: Re: [fw-wiz] NAT sanity check
- Next by Date: [fw-wiz] 2nd Life
- Previous by thread: Re: [fw-wiz] NAT sanity check
- Next by thread: Re: [fw-wiz] Pix rulebase/policy analysis