I am using "public" IP addresses internally (not 10net or 192.168net),
but a range of addresses that someone else owns. (They were assigned to
us by a former parent company, and although they are "public", were
never used "publicly".) My Checkpoint firewall NAT's anything that needs
to go out to the internet, and "encryption domains" on the VPN gateways
tunnel the traffic that goes to our new parent company as we do hit
services on a few of their systems. (They don't access anything on our
end.) I don't see this as being any different than using 10net or
192.168net addressing.
It has been setup this way and working for years...
Now, the CIO of the new parent company is insisting we change our
internal IP addressing as he is not "comfortable" using someone else's
IP addresses, and has deemed my configuration "unacceptable".
Am I missing something? Does he have a point?
- jason
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
