• November 17, 2019, 11:17:01 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Manual NAT and forwarding rules  (Read 6690 times)

0 Members and 1 Guest are viewing this topic.

Offline Dorian

  • Full Member
  • ***
  • Posts: 68
Manual NAT and forwarding rules
« on: February 15, 2011, 10:25:16 AM »
Hello, I have a little problem with manual NAT, I hope someone can help me.

Architechture is quite simple:
- my checkpoint is connected to the internet (83.216.24.10) and to my LAN (192.168.0.100).
- I have 2 web servers, the old one (IP address: 192.168.0.1), the new one (IP address: 192.168.0.2).
- I have one public adress for my web server: 83.216.24.11.
- Only the old webserver is operationnal. I use static NAT for it 83.216.24.11->192.168.0.1 for all protocols. And I have a rule in my firewall which allow every protocol form any source to the destination 192.168.0.1.

What I want to do:
- I want to test my new webserver with only HTTPS, and keep my old webserver during the process.

What I think I have to do:
- Create a manual NAT rule for the protocol 443, to redirect 83.216.24.11:443 -> 192.168.0.2:443
- Create a rule in the firewall to allow every source to the destination 192.168.0.2 for the protocol 443.

Questions I have are:
- Where do I have to put my manual NAT rule ? In first position (above automatic NAT rules), in last position (below NAT rules)?
- Which adress do I have to put in my firewall rule 192.168.0.x or 83.216.24.11 ?

Regards,


Offline Flintstone

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 961
Re: Manual NAT and forwarding rules
« Reply #1 on: February 15, 2011, 10:45:58 AM »
Hi,

The NAT rule would need to be before your existing NAT rule that already goes to the old web server.  Remember that HTTPS will no longer go to the old web server.

The firewall rule:

Source                 Destination
Any                      83.216.24.11

Good luck

Offline Dorian

  • Full Member
  • ***
  • Posts: 68
Re: Manual NAT and forwarding rules
« Reply #2 on: February 15, 2011, 10:52:01 AM »
Thank for your help.

Offline Dorian

  • Full Member
  • ***
  • Posts: 68
Re: Manual NAT and forwarding rules
« Reply #3 on: February 15, 2011, 11:59:08 AM »
One more question

Could this modification cause an increase in "connections" (seen with SmartView Monitor) through my Firewall ?

I suppose it's a coincidence, but I'm a little scared.

Offline Flintstone

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 961
Re: Manual NAT and forwarding rules
« Reply #4 on: February 15, 2011, 02:56:29 PM »
You will only see extra connections for the new website.  I wouldn't worry too much.

CheerZ
« Last Edit: February 15, 2011, 02:58:16 PM by Flintstone »

Offline Dorian

  • Full Member
  • ***
  • Posts: 68
Re: Manual NAT and forwarding rules
« Reply #5 on: February 16, 2011, 05:39:43 AM »
My rules are installed, everything is ok !

Offline Flintstone

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 961
Re: Manual NAT and forwarding rules
« Reply #6 on: February 16, 2011, 05:50:53 AM »
 :)