• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 742
  • Last Modified:

How to hide NAT certain hosts going to certain destinations on NGXR^)

All i have certain inside hosts that need to directly access specific hosts on the internet, as i dont want internal hosts to have direct access to ht egeneral Internet (they have a controlled proxy server for that) i want to just hide specific hostes/ip ranges going only to these specific sites onthe internet, i have the external sites NATed to an internal address but i still need to nat theses specific hosts to hide behind the external interface when only goin to theses sites.I dont want to have theses hosts nated going out any other interface, i have 8 interfaces, one external (Internet) 2 semi trusted DMZ , and other fully trusted DMZ's aka WAN from remote offices. I was thinking a specific Manual NAT would do the trick but i cant sem to get checkpijt to accept that, is ther ea way to do what i am looking for, oh and i dont want to use NAT exception rules for intertnal traffic either as gets to messing and complicated for trouble shotting.
0
tul0rjs
Asked:
tul0rjs
1 Solution
 
grimkinCommented:
Hi there,

I'm not sure if i've understood correctly - a diagram would be appreciated - but it sounds like you are right with the manual NAT rules.

Create a dummy object for the objects to NAT to and then create the rule:

from: my_internal_node
to: certain_node
service:xyz
xlate src: dummy_node
dst: original
service: original

HTH
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now