Hi,
I am trying to configure VPN-1 in such a way that all outgoing TCP
connections from our LAN to Internet at destination port 80 are redirected
to our HTTP proxy placed on the DMZ (simple transparent proxy for HTTP
connections).
A simple NAT rule saying [ source: LAN, destination: any, service: http -->
source nated: Original, destination nated: proxy, service: original ] should
make the job, but it doesn?t.
I get the following error: ?<Any> is valid only if the matching translated
column is <Original>?
I keep getting errors if I put a group of hosts (or a network) as
destination address.
I tried all sort of different things without succeed. Can this ?simple
thing? be done with FW-1 (running version R60).
Thanks. Regards,
Natxo
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
