CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E

 

Results 1 to 4 of 4

Thread: Strange NAT problem. Both the firewalls internal and external addresses used

  1. #1
    Join Date
    2007-11-22
    Posts
    17
    Rep Power
    0

    Default Strange NAT problem. Both the firewalls internal and external addresses used

    I have a strange problem on a IP295 running IPSO 4.2. Our proxy server is natted behind the firewall and (almost) all outgoing requests work as expected with the proxy natted behind the firewalls external address. However, outgoing requests to two specific servers, from the same proxy server are natted behind the firewalls LAN address.

    All requests go through the same firewall rule and the same NAT rule, but for some reason or other the ones to the two specific servers are natted behind the firewalls LAN address (and then dropped because the address is spoofed).

    Any thoughts on what may cause this?

    Regards,

    Peter

  2. #2
    Join Date
    2006-07-28
    Location
    San Francisco, USA
    Posts
    2,494
    Rep Power
    16

    Default Re: Strange NAT problem. Both the firewalls internal and external addresses used

    How have you configured the NAT rule? To hide behind the outgoing gateway, or are you hiding behind a specific object that represents the firewall?

    Doublecheck your routing table, in case there are some other routes for those servers, that point out a different interface.

  3. #3
    Join Date
    2007-11-22
    Posts
    17
    Rep Power
    0

    Default Re: Strange NAT problem. Both the firewalls internal and external addresses used

    I think you hit the head of the nail there. Found an old static route for the subnet the two servers are in. Will remove it and see if this fixes the problem. Out next week, so will not report back until week after.

    Regards,

    Peter

  4. #4
    Join Date
    2006-07-28
    Location
    San Francisco, USA
    Posts
    2,494
    Rep Power
    16

    Default Re: Strange NAT problem. Both the firewalls internal and external addresses used

    Yep, sounds like that should fix it.

Similar Threads

  1. NAT Rule 0 from External vs. Internal
    By syn-ack in forum NAT (Network Address Translation)
    Replies: 4
    Last Post: 2010-03-04, 00:48
  2. Nat'ing external to internal on different port
    By gabber in forum NAT (Network Address Translation)
    Replies: 1
    Last Post: 2008-11-25, 07:46
  3. External and Internal Interface Problem
    By romura in forum Miscellaneous
    Replies: 3
    Last Post: 2008-10-29, 09:19
  4. 2 outside addresses NAT'd to 1 internal
    By bkeaver in forum NAT (Network Address Translation)
    Replies: 5
    Last Post: 2007-09-20, 08:45
  5. Use NAT to translate an external IP to an internal one?
    By RayPesek in forum NAT (Network Address Translation)
    Replies: 5
    Last Post: 2006-12-29, 22:01

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •