How NAT Works in FireWall-1
NAT is configured via the Address Translation tab in the Security Policy Editor. Two types of rules will show up here: manual rules, created by the administrator, and automatic rules that are created when NAT is configured on individual workstation, network, and address range objects. My personal preference is for manual rules because of the control you have over when these rules might apply.
If a packet does not match any rule in the address translation rules, the packet is not translated. If a packet does match a rule, the packet is translated, and no further processing occurs unless the “Allow bi-directional NAT” property in the NAT frame of the Global Properties section is enabled and automatic NAT rules exist. ...
Get Essential Check Point™ FireWall-1® NG: An Installation, Configuration, and Troubleshooting Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
