Re: NAT sanity check

["Halchishak, John" <john.halchishak () ciber-az com>]

I don't see why it would not work with Checkpoint but it does with the
PIX Our PIX actually NAT's public spares to specific internal addresses
and PAT's one public for all other traffic out.

John Halchishak
 


Hi,

I'm hoping someone can provide a sanity check on the following
configuration
- i.e.: will it work?

I've got a /29 public network, addresses (say) .2 to .6, with default
gateway of .1.  Can I place a Checkpoint firewall on .2 and have it use
the
remaining addresses for NAT'd services on the other side of the
firewall?

I ask as I'm certain I've done this in the past, but I'm a few years out
of
doing firewall work and my current technical contact reckons this won't
work
- that the default gate will ARP for the address and the .2 firewall
won't
respond; and that furthermore the only way to use the addresses would be
to
put a different subnet between the default gateway and the firewall and
route the /29 network to the firewall (which I agree will work, but...)

Also, would it work if the firewall was a PIX?

TIA

-- 
_______________________________
David Steele

<insert sig line witticism here>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://listserv.icsalabs.com/pipermail/firewall-wizards/attachments/200
71101/cc0af63e/attachment-0001.html 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards