Thread: Pls share your experience
View Single Post
  #1 (permalink)  
Old 2008-03-19
vvcat vvcat is offline
Junior Member
  
Join Date: 2008-01-30
Posts: 27
Rep Power: 0
vvcat has an average reputation (10+)
Default Pls share your experience
Hi all,

just share your experience, I think should not a problem

CASE 1

firewall have 3 segment
DMZ 192.160.2.x
LAN 192.160.3.x
WAN 202.x.x.x

webserver was put on DMZ e.g. IP is 192.160.2.4 NAT 202.32.33.8 (one-to-one NAT)
email server put on LAN e.g. IP is 192.160.3.4 NAT 202.32.33.9 (one-to-one NAT)

suppose LAN PC can only ping 192.160.2.4 and 192.160.3.4, but actually LAN PCs can ping 202.32.33.8 and 9, is it normal on checkpoint firewall?

we use sonicwall and netscreen before, but cannot ping NAT true IP except the whole LAN zone is a true IP.
Reply With Quote