Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [FW-1] HELP IN PORT REDIRECT !!!!

from Reinhard Stich [Permanent Link]
Subject: Re: [FW-1] HELP IN PORT REDIRECT !!!!
From: Reinhard Stich <r.stich AT INTERNET-SECURITY DOT AT>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Sat, 21 Feb 2004 16:56:59 +0100 
hi,

use the manual-NAT-tab to create a rule:

original src: any
original dst: 202.xxx.xxx.xxx
original service: 555
translated src: =
translated dst: 10.0.0.10
translated service: 80

then generate a rule:

any -> 202.xxx.xxx.xxx -> 555 accept

cheers
reinhard

At 20:58 20.02.2004, you wrote:

Hi Lists,

Once again I comes with some Problem.



In My DMZ zone there is some web Server Running without  Public IP like
10.0.0.10

Now I want to access this site by the Firewall IP with Specific Port
Like..htttp://202.xxx.xxx.xxx:555



When someone click on this link it redirect to http://10.0.0.10:80.



I read the Checkpoint Document but it is not very Clear. According to the
Doc. They suggest for the Http port mapping.



I have these following Doubt regarding this Problem.



  a.. When We make the http_mapped , what is put in IP Protocol Field??
  b.. SRV_REDIRECT(555,10.0.0.10,80) is it right ??
  c.. How we add rule in checkpoint like


Source    Destination      Service        Action



Any      Firewall             Http_MAP     Accept

Any      websever            http                Accept





IS this is Right? I am using Checkpoint SecurePlateform.



How can I troubleshoot this  problem? Waiting for your's Valuable Advice

I hope you can help me, thanks in advance

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


--
Reinhard Stich, ASSIST R.Stich AT internet-security DOT at
Internet Security AG,     1150 Wien, Johnstrasse 29
Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-10

Kennen Sie unsere Mailing-Listen für Techniker?
Infos unter https://isecure.internet-security.at/infos.html#2

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [FW-1] Client Authentication problem, Fabio Maria Teti
Next by Date:  [FW-1] redirecting message/partial mail to another SMTP server, Katsumi, Fred
Previous by Thread:  [FW-1] implement SNMP trap on NG fw-1, Jesús Vázquez
Next by Thread:  Re: [FW-1] HELP IN PORT REDIRECT !!!!, Beck, Aaron
Indexes:  [Date] [Thread] [Top] [All Lists]