This set of checkpoint firewall is protecting a
particular set of web servers and these web servers
don't have route to internet and their default points
to some other backend servers. So instead of adding
routes on these web servers we want to use hide nat
for inbound connections. This way we add only one
route on the web servers. We hide nat all outbound
connections as well.
--- Ray <sixsigma44 AT HOTMAIL DOT COM> wrote:
> Out of curiosity, why would you want to Hide-NAT
> inbound connections?
>
> Ray
>
> >From: ajay jain <ajaykj09 AT YAHOO DOT COM>
> >Reply-To: Mailing list for discussion of Firewall-1
> ><FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
> >To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> >Subject: [FW-1] Hide nat problem
> >Date: Sat, 29 Jan 2005 20:00:41 -0800
> >
> >Hi,
> >
> >I ran into some problem with Hide nat. I am runnig
> >cluster xl (NG-AI R54) on Sun hardwre and os is
> >Solaris 8.
> >I am hiding outbound connection behind firewalls
> >external interface and inbound connections behind
> >internal interface.
> >In some connection inbound hide nat works fine but
> on
> >some connections firewall does not hide nat the
> >connections.
> >The size of connection table is set to 50,000. This
> >problem occurs even with about 1000 connections.
> >In the smart view tracker i dont see any error
> >message.
> >
> >Has anybody encountered this problem? I will
> >appreciate any help.
> >
> >
> >
> >__________________________________
> >Do you Yahoo!?
> >Yahoo! Mail - now with 250MB free storage. Learn
> more.
> >http://info.mail.yahoo.com/mail_250
> >
> >=================================================
> >To set vacation, Out-Of-Office, or away messages,
> >send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> >in the BODY of the email add:
> >set fw-1-mailinglist nomail
> >=================================================
> >To unsubscribe from this mailing list,
> >please see the instructions at
> >http://www.checkpoint.com/services/mailing.html
> >=================================================
> >If you have any questions on how to change your
> >subscription options, email
> >fw-1-owner AT ts.checkpoint DOT com
> >=================================================
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
__________________________________
Do you Yahoo!?
The all-new My Yahoo! - What will yours do?
http://my.yahoo.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
