Solved

How to hide NAT certain hosts going to certain destinations on NGXR^)

Posted on 2009-05-13
1
722 Views
Last Modified: 2013-11-16
All i have certain inside hosts that need to directly access specific hosts on the internet, as i dont want internal hosts to have direct access to ht egeneral Internet (they have a controlled proxy server for that) i want to just hide specific hostes/ip ranges going only to these specific sites onthe internet, i have the external sites NATed to an internal address but i still need to nat theses specific hosts to hide behind the external interface when only goin to theses sites.I dont want to have theses hosts nated going out any other interface, i have 8 interfaces, one external (Internet) 2 semi trusted DMZ , and other fully trusted DMZ's aka WAN from remote offices. I was thinking a specific Manual NAT would do the trick but i cant sem to get checkpijt to accept that, is ther ea way to do what i am looking for, oh and i dont want to use NAT exception rules for intertnal traffic either as gets to messing and complicated for trouble shotting.
0
Comment
Question by:tul0rjs
1 Comment
 
LVL 14

Accepted Solution

by:
grimkin earned 500 total points
Comment Utility
Hi there,

I'm not sure if i've understood correctly - a diagram would be appreciated - but it sounds like you are right with the manual NAT rules.

Create a dummy object for the objects to NAT to and then create the rule:

from: my_internal_node
to: certain_node
service:xyz
xlate src: dummy_node
dst: original
service: original

HTH
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now