You right....
but there is a method to my madness...LOL
I use the Automatic translation rules for Static or Hide on
the host
that need internet access.
While I use manual translation rules for any VPN
translation...
Since my manual translations are first on the list, it
always easier for
me to add a new VPN translation as required (specific only
to that
particular VPN connection).
The automatic translation rule as being last, it takes care
if the host
has to have Internet access.
It is just a simple, effective method that has worked well
over
different Checkpoint versions. Just sharing it...
Regards
Previtera, Sal <Sal.Previtera WTH.ORG> wrote:
>
> Yes, Automatic translation are great if just doing a
simple
> translation....
> remember that manual translation rules are always
executed first
before
> automatic translation rules.
This is not quite true. You can insert manual NAT rules
either before
or after the automatic rules.
- --
David DeSimone == Network Admin == foxverio.net
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERVamadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http:
//www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-ownerts.checkpoint.com
=================================================
|
