CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. Come to CPUG CON 2008 EUROPE in Switzerland on September 8th - 9th!
    Two days full of technical content for Check Point administrators in the beautiful Swiss Alps!
    We already have sign-ups from twelve different countries!
2. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 7/14, 8/25, 10/6, 11/3, 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8.
3. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
4. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 And Related Products > NAT (Network Address Translation)
Reload this Page Inbound NAT Works, outbound Doesn't?
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2008-03-21
Startrek4u Startrek4u is offline
Junior Member
  
Join Date: 2007-05-17
Posts: 21
Rep Power: 0
Startrek4u has an average reputation (10+)
Default Inbound NAT Works, outbound Doesn't?
I have a server which I have a static NAT setup for right on the object in SmartDashboard. I can see the NAT rule in the address translation window, and it the policy installs fine on the FW. The problem I'm having is this: Connections coming into the public IP of this server from the outside work fine and get translated correctly and hit the server as they are supposed to, however connections from this server outbound are translated using the Hide NAT I have for my regular internet traffic. Other NAT rules are working fine, I've verified that the addressing is correct and I didn't mis-type something or use it somewhere else. I'm rather confused, anyone have any ideas?

I'm running SPLAT NGX R62

Thanks.
Reply With Quote
  #2 (permalink)  
Old 2008-03-21
rokudan rokudan is offline
Member
  
Join Date: 2008-01-10
Location: Orlando, FL
Posts: 75
Rep Power: 1
rokudan has an average reputation (10+)
Send a message via AIM to rokudan
Default Re: Inbound NAT Works, outbound Doesn't?
Move the NAT rule for this particular object above the NAT rule for the regular hide NAT.
Reply With Quote
  #3 (permalink)  
Old 2008-03-21
Startrek4u Startrek4u is offline
Junior Member
  
Join Date: 2007-05-17
Posts: 21
Rep Power: 0
Startrek4u has an average reputation (10+)
Default Re: Inbound NAT Works, outbound Doesn't?
The hide nat is a manual rule and the static nat is an automatic so I can't move the hide below it. If I change it from a manual rule and set the NAT properties on my GW would that effectively solve my problem? That should put the rule below.
Reply With Quote
  #4 (permalink)  
Old 2008-03-21
lammbo lammbo is offline
Senior Member
  
Join Date: 2006-02-09
Location: Charleston, SC
Posts: 234
Rep Power: 3
lammbo has an average reputation (10+)
Default Re: Inbound NAT Works, outbound Doesn't?
Quote:
Originally Posted by Startrek4u View Post
The hide nat is a manual rule and the static nat is an automatic so I can't move the hide below it. If I change it from a manual rule and set the NAT properties on my GW would that effectively solve my problem? That should put the rule below.
Yes you can. The Automatic rule placement stumped me at first also but you can right click and create a new rule above or below the entire block of Auto NAT rules.
__________________
There's no place like 127.0.0.1
Reply With Quote
  #5 (permalink)  
Old 2008-03-21
Startrek4u Startrek4u is offline
Junior Member
  
Join Date: 2007-05-17
Posts: 21
Rep Power: 0
Startrek4u has an average reputation (10+)
Default Re: Inbound NAT Works, outbound Doesn't?
So it appears you can, I tried it but couldn't get it to work initially, I ended up having to drag another rule down and modifying it, I'll push the policy later today and see if it works.

Thanks!
Reply With Quote
  #6 (permalink)  
Old 2008-04-09
coldark coldark is offline
Member
  
Join Date: 2006-08-30
Location: Cheshire UK
Posts: 32
Rep Power: 0
coldark has an average reputation (10+)
Default Re: Inbound NAT Works, outbound Doesn't?
an alternative to dragging and dropping is to

right click in the number column of the rule you want to move > select cut

right click in the number column of the rule below the position you want > select Paste Rule > Above
Reply With Quote
  #7 (permalink)  
Old 2008-04-09
MarioL MarioL is offline
Senior Member
  
Join Date: 2007-01-18
Location: London
Posts: 346
Rep Power: 2
MarioL has an average reputation (10+)
Default Re: Inbound NAT Works, outbound Doesn't?
You can also "Add rule to the top" or "Add rule to the bottom".

Usually I have the "non-NAT" rules at the top, then the automatic static NATs and then a manual Hide NAT at the bottom.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 15:47.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0