Re: NAT Not Always Applying

Will <westes-usc@xxxxxxxxxxxxxx> wrote:
: I'm having some strange result in an older Checkpoint firewall. I have an
: NAT rule to convert the destination IP on a public interface to a private
: IP. I have a corresponding route rule to get the incoming packet to the
: correct destination router interface.

: What I see with a sniffer on the firewall is that about one of every 15
: requests the NAT is not taking place. The packets are heading to the
: inbound router with the public IP address as the destination IP.

Will,
There used to be a bug in some very old version of CheckPoint Firewall-1
that would give this behaviour in certain circumstances. There were
however a workaround for this (that I don't have handy here anymore).
What version of Firewall-1 are you using?

Lars

.

Relevant Pages

  • NAT Not Always Applying
    ... I'm having some strange result in an older Checkpoint firewall. ... NAT rule to convert the destination IP on a public interface to a private ...
    (comp.security.firewalls)
  • Re: How to block messenger in checkpoint firewall
    ... source and destination and services that need to add? ... beside block from checkpoint firewall, can i do it on w2k server group ... On my Checkpoint 500W UTM Appliance, I can go into its Smart Defense Configuration Module and, under Instant Messaging, block those services. ...
    (comp.security.firewalls)
  • Tryin to get to the right URL usin Checkpoint
    ... I run CheckPoint Firewall Version 4.1 ... even if the destination IP address, and TCP port number are same for ... Becker ...
    (comp.security.firewalls)
  • URL
    ... I run CheckPoint Firewall Version 4.1 ... from accessing a particular URL on Web Site ... even if the destination IP address, and TCP port number are same for ...
    (comp.security.firewalls)
Loading