RE: nating

[Jeroen Veeren <j.veeren () pointnet nl>]

Hi,

You probably mean 208.122.29.69 for the webserver.
I have never tried this myself, but it sounds possible.
The firewall allready arps and routes 208.122.29.69 to the 172.16.0.20.
If both the servers are on the same subnet, there is nothing to change
there.

So the only thing there is to change is your nat rulebase.
I would try the following:
Edit the rule that probably reads 
any --- 208.122.29.69 --- any | any --- 172.16.0.81 --- any
to:
any --- 208.122.29.69 --- nntp | any --- 172.16.0.81 --- nntp
then add a new rule saying
any --- 208.122.29.69 --- http | any --- 172.16.0.98 --- http

Of course you're rulebase additionally needs to allow http access in.

Hope this helps,

Jeroen.


-----Oorspronkelijk bericht-----
Van: Anand Vidhani [mailto:avidhani () ggn aithent com]
Verzonden: zondag 20 januari 2002 18:46
Aan: firewall-wizards () nfr com
Onderwerp: [fw-wiz] nating 


Hello,

I am using checkpoint firewall on NT 4.0.
I have a valid IP on firewall 208.122.29.72 and local 172.16.0.20.
I am using one to one NATing between valid IP 208.122.29.69 and local
IP 172.16.0.81.On local IP I am using only 119 port (NNTP ) for the
external users other services I have blocked for the external users.
I am also using web server on local IP 172.16.0.98.
Now I want to use valid IP 203.122.29.69 through NATing for web
server.
I want to use the NATing on service base.
Can we do this?. If yes please tell me in detail.

Thanks
Anand Vidhani












_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards