> I've got a /29 public network, addresses (say) .2 to .6, with default
gateway of .1. Can I
> place a Checkpoint firewall on .2 and have it use the remaining addresses

for NAT'd services
> on the other side of the firewall?

Sure, you can use .3-.6 for publishing services to the internet (Check Point
calls it "static NAT") and use .2 for the firewall's outside interface and
also for outbound network traffic (Check Point calls this "hide NAT"). With
a /29 subnet, the first and eighth addresses (.0 and .7) are reserved and
cannot be used.

> Also, would it work if the firewall was a PIX?



firewall-wizards mailing list