Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Patrick150781
Explorer

Non-FQDN Objects an NAT Policy

Dear CheckMates Community,

following scenarion:

We would like to use a non-fqdn domian object to get access to support.checkpoint.com from our MDM server.
This is requiert, since we would like to use updateable objects in our vsx environment.
 
Now I've create a security rule to allow access from MDM server to support.checkpoint.com with service https.
Since the MDM server has an rfc1918 address it's requieret to have a NAT (Hide). Unfortunately I can't use the domain non-fqdn object into the nat policy.
 
Could someone helps me to get a running setup to be able to use updateable objects .
 
BTW: We have R80.30 with JHF Take 111.
 
Thank you in advance.
 
BR
Patrick
0 Kudos
1 Reply
_Val_
Admin
Admin

You cannot use domain objects, especially non-FQDN, in the NAT rules.

Why NAT Hide is not an option for you? If not NAT, why don't you use a proxy access for your MDSM to the Internet?

 

Updatable objects are resolved on the GW, not management, so I think something is a miss here.

0 Kudos