Hello!
I have a nat configured for an IP in a DMZ, need this server able to
connect with another server in the same DMZ (also with a NAT) but
using the external (homologate) IP. Until now I have not being able to
do it and with every try the Stonegate firewall shows "spoofed
packet". How can I configure the firewall to accept them?
On 20 helmi, 00:36, "Bkiddo"
> Hello!
>
> I have a nat configured for an IP in a DMZ, need this server able to
> connect with another server in the same DMZ (also with a NAT) but
> using the external (homologate) IP. Until now I have not being able to
> do it and with every try theStonegatefirewall shows "spoofed
> packet". How can I configure the firewall to accept them?
You have to add the external address under the correct interface in
Antispoofing. StoneGate considers the packet spoofed since the traffic
is using an IP address that should not exist in that network (based on
routing). Or you could just configure the server to have both IP
addresses and not direct the communications through the firewall if
you don't need to log the connections.