Re: can we map checkpoint external interface IP ad...

Hitesh_Brahmbha · ‎2019-01-04

Greeting of the day!

As per the requirement, we want to map our internal service 172.16.16.50 with assigned check point gateway's external IP address 182.67.68.52 to announce the internal service for public access.

We are not using any additional free WAN IP address for the same so my question is that can we achieve this or we must require free IP address from the WAN pool for the same?

Detail information is as below:

Check Point Topology:

External Interface IP : 182.67.68.52

Public Mapping IP : 182.67.68.52

Internal server IP Address : 172.16.16.50

Service : Any

Thanks,

HiteshB

PhoneBoy · ‎2019-01-04

If you want all ports to be accessible externally, then you need a second public IP.

If you only need specific services, then you can potentially do it with a NAT rule.

Hitesh_Brahmbha · ‎2019-01-05

Dear Dameon,

Thank you for your prompt response.

We have mapped with specific SIP services only, do not map with Any, but it is not working when we are natting with the Gateway external interface IP address.

When I change the same mapped object [i.e. SIP_Public_IP 182.67.68.52] with different free WAN IP address[i.e. SIP_Public_IP 182.67.68.53], it maps the service and works. even we can telnet over the TCP/UDP port 5060 from the external network.

Regards,

HiteshB

PhoneBoy · ‎2019-01-05

SIP may not work in this specific situation as it utilizes a specific handler.

Might be worth a TAC case to troubleshoot in any case.

Are you a member of CheckMates?

can we map checkpoint external interface IP address for internal service announcement for public access?