Firewall Wizards mailing list archives
RE: NAT Based on Service with only one legal IP
From: "W. Builder" <xbuilder () yahoo com>
Date: Wed, 21 May 2003 13:39:49 +0100 (BST)
A typical scenario is a small office LAN comprised of SMTP, FTP and HTTP servers with internal IPs and a xDSL broadband connection to the outside world with only one dynamically assigned legal IP FW-1 can not handle the dynamically assigned IP
I suspect that any of these new 'appliances' that have software to deal with xDSL, where addresses are very frequently assigned, will be able to cope with this - it's just a question of how much you call them 'firewalls'. The basic problem is that if the box itself isn't involved in negotiating the IP address it becomes ugly.
Has anyone seen/used an xDSL appliance that can do service based NAT with only one dynamically assigned legal IP?
So, in short, moving your NAT to the network border and doing it on your screening router is one option. That might also break other stuff that you do, like VPNs. Who knows. ben-----Original Message----- From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com]On BehalfOf W. Builder Sent: Tuesday, May 20, 2003 5:43 PM To: firewall-wizards () honor icsalabs com Dear Gurus Service based NAT with only one legal IP can bedone withCheckpoint FW-1 NG but not for dynamicallyallocated legal IPhttp://www.phoneboy.com/fom-serve/cache/86.html Are there any other non-CheckPoint firewall s/wareproductsor appliances that can do this with both one legalstatic IP? With one dynamically assigned legal IP? Many thanks W.Builder
__________________________________________________ It's Samaritans' Week. Help Samaritans help others. Call 08709 000032 to give or donate online now at http://www.samaritans.org/support/donations.shtm _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- NAT Based on Service with only one legal IP W. Builder (May 20)
- RE: NAT Based on Service with only one legal IP Ben Nagy (May 22)
- RE: NAT Based on Service with only one legal IP W. Builder (May 22)
- <Possible follow-ups>
- RE: NAT Based on Service with only one legal IP Ahmed, Balal (May 22)
- RE: NAT Based on Service with only one legal IP manatworkyes moderator (May 22)
- RE: NAT Based on Service with only one legal IP Sloane, David (May 22)
- RE: NAT Based on Service with only one legal IP Sloane, David (May 23)
- RE: NAT Based on Service with only one legal IP Ben Nagy (May 22)