Posted on 2009-02-23
Last Modified: 2013-11-16
the scenario is as follow:

client ( --------- ( firewall A( ---------------
( Firewall B) ( ---------------- server(

if Client want to connect to port 22 in Server,
1) what rule should I allow on Firewall A and Firewall B?
2. what NAT should I add on both firewall?
3. what static route should I add? i.e route destination mask nexthop
Question by:kecoak
    LVL 11

    Accepted Solution

    On Firewall A and Firewall B you need to add a rule:

        Service: TCP 22

    Your Client needs to have a route for via

    Firewall A needs to have a route for via

    Firewall B needs a route to via

    The netmasks depends on the size of the networks assuming /24 then all masks will be



    Author Comment

    Firewall A needs to have a route for via

    Firewall B needs a route to via

    can you explain this ?
    LVL 14

    Expert Comment

    If FW-A receives a packet from client ( destined for server( it checks to see if that network is directly connected.

     It isn't so it then looks up its routing table and checks for a route to the specific network 192.168.8.x

    If it doesn't find that then it will look for a default route to forward the packet to which is via the default gateway

    Therefore setting the default gateway for FW-A to FW-B's IP address and vice versa would sort the problem out.

    default gateway for FW-A =
    default gateway for FW-B =

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Suggested Solutions

    Title # Comments Views Activity
    Network Activities  please help 16 70
    .XTBL Ramsomware 2 151
    Russian pop up ad virus 8 94
    How to remove Odin ransomware ? 10 101
    PREFACE The purpose of this guide is to provide information to successfully install the MS SQL client tools for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technology…
    Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    730 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now