
NAT in AWS Check Point instance


Hello,

I want to host a web server which is located behind an AWS Check Point cluster, but I am unable to figure out how the traffic from the internet will hit the firewall VPC. I have an Elastic IP in that account which I have mapped to the web server via firewall NAT. But when I try to access it from the internet there is no traffic on the firewall.

Any advice on what I am missing here?

Thanks


Accepted Solutions

Hi @LostBoY,

1) Add an AWS route table to the cluster with the internal networks.
2) Add a default route to the internet on the gateway.
3) Create a NAT rule: [screenshot: n1.JPG]
4) Create an access rule: [screenshot: r1.JPG]
5) Hide NAT for Web Server: [screenshot: h1.JPG]
6) Check AWS security groups (NACL) for the Elastic IP. Traffic must be allowed from the internet to the Check Point firewall (cluster).

 

3 Replies
Thanks for the reply. A couple of queries here.
1) Can you please explain a bit more on point 1?
2) I want to host a few web servers, each with a dedicated IP, so instead of hide behind gateway, can I use hide behind IP address?

What I can't figure out is: if I have an EIP by which I want to access the web server via the firewall, then how do I associate that EIP with the firewall? I mean the routing part: how will the internet know that for this particular EIP it has to reach this firewall?
