NAT Not Always Applying - Firewalls

This is a discussion on NAT Not Always Applying - Firewalls ; I'm having some strange result in an older Checkpoint firewall. I have an NAT rule to convert the destination IP on a public interface to a private IP. I have a corresponding route rule to get the incoming packet to ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: NAT Not Always Applying

  1. NAT Not Always Applying

    I'm having some strange result in an older Checkpoint firewall. I have an
    NAT rule to convert the destination IP on a public interface to a private
    IP. I have a corresponding route rule to get the incoming packet to the
    correct destination router interface.

    What I see with a sniffer on the firewall is that about one of every 15
    requests the NAT is not taking place. The packets are heading to the
    inbound router with the public IP address as the destination IP.

    I tried rebooting but that did not fix it. What would cause this strange
    result?

    --
    Will



  2. Re: NAT Not Always Applying

    Will wrote:
    : I'm having some strange result in an older Checkpoint firewall. I have an
    : NAT rule to convert the destination IP on a public interface to a private
    : IP. I have a corresponding route rule to get the incoming packet to the
    : correct destination router interface.

    : What I see with a sniffer on the firewall is that about one of every 15
    : requests the NAT is not taking place. The packets are heading to the
    : inbound router with the public IP address as the destination IP.

    Will,
    There used to be a bug in some very old version of CheckPoint Firewall-1
    that would give this behaviour in certain circumstances. There were
    however a workaround for this (that I don't have handy here anymore).
    What version of Firewall-1 are you using?

    Lars


+ Reply to Thread