Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Checkpoint Firewall IP Addresses?

Posted on 2001-06-04
10
238 Views
Last Modified: 2013-11-16
I'm testing Checkpoint Firewall 4.1 at home.  I got only one static IP address from my ISP.  I'm trying to setup NAT with 192.168.0.x scope on my LAN for Internet Sharing.  I put the valid IP address on the external Interface and 192.168.0.1 on my internal interface (I'm running Firewall and Management modules in the same NT box).  Anything else do I need to setup on my Checkpoint to make NAT work?  I'll appreciate very much if you can show me step by step because I'm new in this field.  Thanks.
0
Comment
Question by:ThaiTran
10 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6152805
Yes.  You need some rules to actually implement the NAT.  Otherwise your private addresses will leak out onto the Internet, which won't work because they'll be blocked by your ISP.

Check out what PhoneBoy has to say on the subject at http://www.phoneboy.com/.
0
 
LVL 2

Author Comment

by:ThaiTran
ID: 6153090
I know I will need some rules setup.  I did check the link but i still need step by step configuration.
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6153109
Sorry, I don't have access to FW-1 right now to play with the instructions.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 5

Accepted Solution

by:
Droby10 earned 100 total points
ID: 6154574
define your networks/hosts/address ranges

select manage->network objects from the menu in the policy editor.

select the network/host/address range you want to apply a network translation to...

click edit

in the general tab you should have your private ip in the ip address field.

select the nat tab.
click the add automatic...checkbox

select the desired translation method and enter the translated ip address...

apply your policy.
0
 
LVL 1

Expert Comment

by:Wandering_Wizard
ID: 6218016
If you have the original CD looking the documentation folder for the getting started guide.

On my version it has a tutorial starting on P87.
0
 
LVL 3

Expert Comment

by:FlamingSword
ID: 6784013
As far as scope goes, I recommend defining all 256 up front as initial range, then, defining then unavailable ones (for whatever reason).

Justification is to facilitate growth, and self-document. The alternative of expanding a scope leads to a number of problems, among them S/W breaking and running into devices that have or had hardcoded addresses unknown to admin.
0
 
LVL 2

Author Comment

by:ThaiTran
ID: 6784476
I took the class and figured out how to make it work.. Thanks a lot for your comments.
0
 
LVL 49

Expert Comment

by:DanRollins
ID: 7088734
Hi ThaiTran,
You've requested to delete this question, but its status has remained as 'Pending Delete' because one or more comments have been added.  Normally, the only way to fully delete such a Question is to post a message to Community Support and ask for assistance.

EE is making a one-time database sweep to purge the Pending Delete Questions automatically.  During this sweep:

    ThaiTran -- To allow the deletion to proceed:  Do nothing.
    EXPERTS -- Please DON'T POST a comment except to contest this deletion.

In the future, please refer to http://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp#8 for instruction on deleting questions.

DanRollins -- EE database cleanup volunteer
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7090728
Seems to me the points should go to Droby10
0
 
LVL 1

Expert Comment

by:Moondancer
ID: 7119982
Thanks to all, finalized.
Moondancer - EE Moderator
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
More Wifi, 5 68
ticket bloat 3 50
Orphaned SIDs on shared folders 3 30
The provided anti-forgery token was meant for user "", but the current user is "testUser". 9 35
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question