Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
BlackBinNinja
Participant
Jump to solution

Public IP Ranges with NAT

Hi All,

 

I have come across an issue where I wanted to implement a NAT rule in Smartdasboard (R80.40) with the destination being a Public IP range i.e. None RFC 1918 ranges. 

The only option I had as an object was "All Internet" which also covers the RFC1918 addresses. Do Checkpoint have an object that would exclude the RFC1918 addresses and include the Internet ranges.

Thanks

 

0 Kudos
3 Solutions

Accepted Solutions
Chris_Atkinson
Employee Employee
Employee

Are you able to share more details of the scenario?

Perhaps this can be addressed in combination with using strategically placed no-NAT rules for instance.

 

 

sk97246: Is it possible to add Group with Exclusions to the NAT rule base?

CCSM R77/R80/ELITE

View solution in original post

(1)
BlackBinNinja
Participant

Hi Chris,

We have implemented a work around using no-NAT but was interested to see if there was a specific group that only included non RFC1918 IP's. 

I will most certainly look into the sk97246 method to see if that helps with my question.

View solution in original post

0 Kudos
PhoneBoy
Admin
Admin

Unfortunately, there isn't a single non-group object that excludes RFC-1918 but includes everything else.
Several "NO NAT" rules are the way to go here.

View solution in original post

0 Kudos
(1)
3 Replies
Chris_Atkinson
Employee Employee
Employee

Are you able to share more details of the scenario?

Perhaps this can be addressed in combination with using strategically placed no-NAT rules for instance.

 

 

sk97246: Is it possible to add Group with Exclusions to the NAT rule base?

CCSM R77/R80/ELITE
(1)
BlackBinNinja
Participant

Hi Chris,

We have implemented a work around using no-NAT but was interested to see if there was a specific group that only included non RFC1918 IP's. 

I will most certainly look into the sk97246 method to see if that helps with my question.

0 Kudos
PhoneBoy
Admin
Admin

Unfortunately, there isn't a single non-group object that excludes RFC-1918 but includes everything else.
Several "NO NAT" rules are the way to go here.

0 Kudos
(1)

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events