Hi All,
We have an ip public range from our service provider. We want to configure separate connection on port DMZ to our specific service. I have an diagram. It's possible to configure it?
On SMB appliances, Port Forwarding is generally handled through Server objects.
It's not clear to me how traffic would be forwarded OUT the WAN interface and come back to the DMZ interface, particularly if the .189 address is on the same subnet as your DMZ interface.
Which means you have a hairpin NAT situation.
Server objects have a "Force translated traffic to return to the gateway" option to address this specific situation.
This will impact ALL traffic that hits this server object (not just internally sourced).
On SMB appliances, Port Forwarding is generally handled through Server objects.
It's not clear to me how traffic would be forwarded OUT the WAN interface and come back to the DMZ interface, particularly if the .189 address is on the same subnet as your DMZ interface.
Which means you have a hairpin NAT situation.
Server objects have a "Force translated traffic to return to the gateway" option to address this specific situation.
This will impact ALL traffic that hits this server object (not just internally sourced).
Thu 08 Jan 2026 @ 05:00 PM (CET)
AI Security Masters Session 1: How AI is Reshaping Our WorldThu 22 Jan 2026 @ 05:00 PM (CET)
AI Security Masters Session 2: Hacking with AI: The Dark Side of InnovationThu 12 Feb 2026 @ 05:00 PM (CET)
AI Security Masters Session 3: Exposing AI Vulnerabilities: CP<R> Latest Security FindingsThu 26 Feb 2026 @ 05:00 PM (CET)
AI Security Masters Session 4: Powering Prevention: The AI Driving Check Point’s ThreatCloudThu 08 Jan 2026 @ 05:00 PM (CET)
AI Security Masters Session 1: How AI is Reshaping Our WorldThu 22 Jan 2026 @ 05:00 PM (CET)
AI Security Masters Session 2: Hacking with AI: The Dark Side of InnovationThu 26 Feb 2026 @ 05:00 PM (CET)
AI Security Masters Session 4: Powering Prevention: The AI Driving Check Point’s ThreatCloud
