Firewall Wizards mailing list archives
Re: fun problem - possibly not possible
From: "Brian Loe" <knobdy () gmail com>
Date: Fri, 24 Mar 2006 08:41:30 -0600
If I follow the instruction/diagram correctly, the problem here is that both the sprayer and the destination host are on the same network, on the same firewall interface, all configured with private IPs and public NAT addresses. The sprayer can't ping the hosts it's listening for by their public IP addresses, get an error concerning NATs. Add an alias for those IPs on that DMZ interface, get an arror about routes... On 3/23/06, Paul Melson <pmelson () gmail com> wrote:
-----Original Message----- Subject: [fw-wiz] fun problem - possibly not possible
Use static NAT for the address/alias where Network Dispatcher Advisors are bound and listening. Then use access-lists to allow the traffic to the static NAT address that you want to allow from other networks. In the following example, the address you would want to NAT for is 9.9.10.1: http://www.samag.com/documents/s=1150/sam0106sf/0106f_f1.htm PaulM
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- fun problem - possibly not possible Brian Loe (Mar 22)
- RE: fun problem - possibly not possible Paul Melson (Mar 26)
- Re: fun problem - possibly not possible Brian Loe (Mar 26)
- RE: fun problem - possibly not possible Paul Melson (Mar 26)
- Re: fun problem - possibly not possible Brian Loe (Mar 26)
- Re: fun problem - possibly not possible Brian Loe (Mar 26)
- RE: fun problem - possibly not possible Paul Melson (Mar 26)