cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

can we map checkpoint external interface IP address for internal service announcement for public access?

Greeting of the day!

As per the requirement, we want to map our internal service 172.16.16.50 with assigned check point gateway's external IP address 182.67.68.52 to announce the internal service for public access.

We are not using any additional free WAN IP address for the same so my question is that can we achieve this or we must require free IP address from the WAN pool for the same?

Detail information is as below:

Check Point Topology:

External Interface IP : 182.67.68.52

Public Mapping IP : 182.67.68.52

Internal server IP Address : 172.16.16.50

Service : Any

Thanks,

HiteshB

Tags (2)
0 Kudos
3 Replies
Admin
Admin

Re: can we map checkpoint external interface IP address for internal service announcement for public access?

If you want all ports to be accessible externally, then you need a second public IP.

If you only need specific services, then you can potentially do it with a NAT rule.

0 Kudos

Re: can we map checkpoint external interface IP address for internal service announcement for public access?

Dear Dameon,

Thank you for your prompt response.

We have mapped with specific SIP services only, do not map with Any, but it is not working when we are natting with the Gateway external interface IP address.

When I change the same mapped object [i.e. SIP_Public_IP 182.67.68.52] with different free WAN IP address[i.e. SIP_Public_IP 182.67.68.53], it maps the service and works. even we can telnet over the TCP/UDP port 5060 from the external network.

Regards,

HiteshB

0 Kudos
Admin
Admin

Re: can we map checkpoint external interface IP address for internal service announcement for public access?

SIP may not work in this specific situation as it utilizes a specific handler.

Might be worth a TAC case to troubleshoot in any case.

0 Kudos