NAT Not Always Applying

I'm having some strange result in an older Checkpoint firewall. I have an
NAT rule to convert the destination IP on a public interface to a private
IP. I have a corresponding route rule to get the incoming packet to the
correct destination router interface.

What I see with a sniffer on the firewall is that about one of every 15
requests the NAT is not taking place. The packets are heading to the
inbound router with the public IP address as the destination IP.

I tried rebooting but that did not fix it. What would cause this strange
result?

--
Will

Re: NAT Not Always Applying

Will wrote:
: I'm having some strange result in an older Checkpoint firewall. I have an
: NAT rule to convert the destination IP on a public interface to a private
: IP. I have a corresponding route rule to get the incoming packet to the
: correct destination router interface.

: What I see with a sniffer on the firewall is that about one of every 15
: requests the NAT is not taking place. The packets are heading to the
: inbound router with the public IP address as the destination IP.

Will,
There used to be a bug in some very old version of CheckPoint Firewall-1
that would give this behaviour in certain circumstances. There were
however a workaround for this (that I don't have handy here anymore).
What version of Firewall-1 are you using?

Lars