- Products
- Learn
- Local User Groups
- Partners
-
More
It's Here!
CPX 360 2021 Content
Check Point Harmony
Highest Level of Security for Remote Users
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
Advanced Protection for
Small and Medium Business
Secure Endpoints from
the Sunburst Attack
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Anyone ever configured a NAT pool for an internal network when the appliance is set to http/https proxy?
Vladimir
Can you explain the reason for NAT pool in this scenario?
If you are using proxy, you are connecting to the gateways from actual IPs and the gateways are responsible for initiating a second leg of communication.
The other actual need for NAT is if that same network is routed elsewhere and need be translated, including some VPN scenarios where you have to use the range specified by your peer.
In later cases, I do not see how proxy and NAT would interfere with each other.
Using the gateways in a cluster setup as http/https proxy for all office 365 traffic. Because of the number of sessions each user generates, A NAT pool is needed to get around the port exhaustion issue with one NAT. It seems when you configure the NAT pool, the traffic still gets generated from the cluster external IP. I am assuming it is because how proxy works with using two connections. I am hoping there is a way around that with some custom configuration.
Vladimir
Interesting issue.
Can you tell me how many clients are you trying to proxy through the gateway?
Take a look at his and see if it can help you in any way:
Thanks for your response, Vladimir. I have about 36k users. The gateways are 15000 series. I will check the article attached and come back with comments. Thanks again.
hey, did you managed to solve this ?
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY