Firewall Wizards mailing list archives
NAT sanity check
From: "David Steele" <steeled3 () gmail com>
Date: Thu, 1 Nov 2007 21:24:24 -0400
Hi, I'm hoping someone can provide a sanity check on the following configuration - i.e.: will it work? I've got a /29 public network, addresses (say) .2 to .6, with default gateway of .1. Can I place a Checkpoint firewall on .2 and have it use the remaining addresses for NAT'd services on the other side of the firewall? I ask as I'm certain I've done this in the past, but I'm a few years out of doing firewall work and my current technical contact reckons this won't work - that the default gate will ARP for the address and the .2 firewall won't respond; and that furthermore the only way to use the addresses would be to put a different subnet between the default gateway and the firewall and route the /29 network to the firewall (which I agree will work, but...) Also, would it work if the firewall was a PIX? TIA -- _______________________________ David Steele <insert sig line witticism here>
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- NAT sanity check David Steele (Nov 05)
- Re: NAT sanity check Darden, Patrick S. (Nov 07)
- Re: NAT sanity check James (Nov 07)
- Re: NAT sanity check Paul Melson (Nov 07)
- <Possible follow-ups>
- Re: NAT sanity check Halchishak, John (Nov 07)