Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Hi All,
I'm having some troubles with using manual NAT rules to translate a service. I do have manual arp entries added and the merge arp enabled.
From testing and from some packet captures, I can see that when traffic is destined for ms-mail2 it is natting to the correct IP, however the service isn't being translated from smtp(port 25) to smtp-alt(port 465).
This is my first venture down the manual NAT rules and I feel like I am missing something small.
Basically, wanting to do this. When port 25 traffic comes in on 66.66.66.1 it NATs to 10.10.10.11 and stays port 25, When port 25 traffic comes in on 66.66.66.2 it NATs to 10.10.10.11 and translates to port 465.
Can someone please provide some guidance?
Thanks in advance!
Sam
Edit: to add more description
Can you share a depersonalized screenshot of the ACL, which allows the inbound and outbound traffic?
Maybe for easier understandig: if you set an automatic NAT for SMTP-> then check the rules that are created (NAT rulebase) -> you will get a impression how should look like the NAT for only SMTP
Then you will be able to copy it and expand the rules with ports etc.
Akos,
Here you go. I want to add. Since initially starting this thread, I have it working on the firewall at our DR location. Initially, I got it working in Vegas by recreating the network objects that were in use and then it started working.
The IndyFW cluster, isn't behaving the same.
Edit: I am leaving on PTO today, returning on Monday
