Firewall-1: Can Internal Hosts Share One Public IP With Static and Hidden NAT?

Firewall-1: Can Internal Hosts Share One Public IP With Static and Hidden NAT?

am 17.04.2008 08:34:41 von Will

We have two mail servers: one for incoming mail and one for outgoing, and
both are behind Firewall-1. I want them to be seen on the Internet as a
single IP address. Can I have a single common public address that exists
both in a static and hidden translation rule at the same time?

I would configure the incoming mail server with a static rule, so that
incoming packets to that public IP get directed by the firewall to the
incoming mail server. I would configure the outgoing mail server with a
hidden automatic NAT rule that points to the same public IP, so that
outgoing packets from that mail server get NAT'd to the common public IP.

I know this works for more than one host to share one public IP using hidden
translation, but I don't know yet if it would work with a single public IP
using both a static and hidden rule. Any advice on this is appreciated.

--
Will

Re: Firewall-1: Can Internal Hosts Share One Public IP With Static and Hidden NAT?

am 20.04.2008 02:17:15 von larstr

Will wrote:
: We have two mail servers: one for incoming mail and one for outgoing, and
: both are behind Firewall-1. I want them to be seen on the Internet as a
: single IP address. Can I have a single common public address that exists
: both in a static and hidden translation rule at the same time?

Try using a normal automatic static setup for the inbound connection and setup a
manual rule with a hide rule for the outbound connection.

Lars

Re: Firewall-1: Can Internal Hosts Share One Public IP With Static and Hidden NAT?

am 20.04.2008 13:20:21 von Wayne McGlinn

Lookup "smtp security server" in the help files, you'll need that to get the
incoming mail traffic working. If you're not sure, check CD2 and the \Docs
directory.

Wayne McGlinn
Brisbane, Oz

"Will" wrote in message
news:G8mdnamF3YQfcpvVnZ2dnUVZ_tyknZ2d@giganews.com...
> We have two mail servers: one for incoming mail and one for outgoing, and
> both are behind Firewall-1. I want them to be seen on the Internet as a
> single IP address. Can I have a single common public address that
> exists both in a static and hidden translation rule at the same time?
>
> I would configure the incoming mail server with a static rule, so that
> incoming packets to that public IP get directed by the firewall to the
> incoming mail server. I would configure the outgoing mail server with a
> hidden automatic NAT rule that points to the same public IP, so that
> outgoing packets from that mail server get NAT'd to the common public IP.
>
> I know this works for more than one host to share one public IP using
> hidden translation, but I don't know yet if it would work with a single
> public IP using both a static and hidden rule. Any advice on this is
> appreciated.
>
> --
> Will
>
>
>
>