This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Blason_R
Leader
Leader
‎2022-11-04 09:55 AM

How do I configure Static Destination NAT on CGNS AWS

Hi Team,

Does anyone have a documentation for configuring Static Destination NAT on CGNS AWS? I have front end subnet as 10.10.1.0/24 and backend subnet 10.10.2.0/24. Then I have web subnet as 10.10.6.0/24 and web server is 10.10.6.100. 

Can someone please guide me how do I NAT 10.10.6.100 through Check Point CGNS on AWS?

TIA

Blason R

 

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
3 Replies
Nir_Shamir
Employee Employee
Employee
‎2022-11-05 11:37 PM

Hi,

you do it the same as any other NAT in Check Point NAT policy.

you said you need Destination NAT ? is it from the Web Server side or from the Internet side ? what is the flow you need ?

0 Kudos
Blason_R
Leader
Leader
‎2022-11-05 11:53 PM
In response to Nir_Shamir

Oh No - I guess I was not clear enough. I need to host the web server in a VPC which is behind checkpoint and since being a cluster how do I add one more Elastic IP on a cluster and route the traffic to checkpoint so that checkpoint will nat the traffic coming on that EIP and send the traffic out.

 

Lets say I have EIP assigned to cluster is 20.20.20.20 and now I need to set one more EIP as 50.50.50.50 which will be natted with 10.10.6.100 and natting will be done by Check Point.

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
Nir_Shamir
Employee Employee
Employee
‎2022-11-06 01:35 AM
In response to Blason_R

From what I know , you can't add more EIP on a Cluster Deployment.

you need to use an ELB to publish more Services.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events