Solved

How to Prevent Checkpoint NAT from Changing Port Mapping

Posted on 2009-06-29
2
949 Views
Last Modified: 2013-11-16
We are looking for a way to configure a Checkpoint R65 based NAT to not periodically change source port mapping for NATted UDP communication.  From network sniffs on the WAN side of the NAT we see that the source port (from the NAT) is incremented by one every few minutes.  Is there a way to disable this behavior such that the source port remains fixed, or to increase the interval at which this occurs.  BTW a static NAT is not an option for security reasons.  Many thanks.
0
Comment
Question by:dmb17
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 18

Accepted Solution

by:
deimark earned 500 total points
ID: 24742953
In short, yes you can.

Instead of using automatic NAT rules, ie hide the internal networks behind the external interface, which will use port translation too, you can also create your own manula nat rules where the source port is untranslated.

Be aware though, the automatic nat and port translation do help in most instances and you need be sure that you are not going to break anything by using the manual rules with no port translation.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question