This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Thabo
Participant
yesterday

Port Forwarding in Checkpoint

Good Day

I am from a Fortinet background and currently working more on Checkpoint in the other there is what we call virtual IPs aka Port Forwarding i know we have Manual NAT in checkpoint but in the instance where i have multiple web servers and one static public IP provisioned by ISP say with a /30 subnet mask how can i go about Manual Nat in checkpoit say for expample my external IP is 178.xx.xx.1/30 and my LAN is 10.1.10.0/24 where i have web server 10.1.10.10:443 and another 10.1.10.11:8443 how can I achieve accessing this from public facing i have decided to change the ports due to 443 being used by another web server hence using 8443 for another server on the LAN.

Labels
0 Kudos
6 Replies
Alex-
Leader Leader
Leader
yesterday

You have the notion of original port and translated port if this answers your question.

You can publish 8443 as original port and put 443 as translated port.

the_rock
Legend
Legend
yesterday

Should be pretty easy. Just create manual static nat rule in smart console and make sure the info is right (original src, dst, translater src, dst and ports).

Ping me if you need help.

Andy

the_rock
Legend
Legend
yesterday
In response to the_rock

@Thabo 

Think of it this way and as trivial as this example is, I always give this to people. So say your friend wants to rdp into your computer at home, all you would need to do is create a "rule" in your home router that says from external to your internal IP on dst port 3389, thats it.

Makes sense?

Andy

0 Kudos
Thabo
Participant
yesterday
In response to the_rock

Yes that i all understand i was wondering on checkpoints GAIA in this instance i know about the manual nat I was just wondering how i can workaround if i have multiple hosts that need to be publicly accessible and there are accessed through port 443 so i will explore original port and translated port.

0 Kudos
the_rock
Legend
Legend
yesterday
In response to Thabo

I see what you mean. For that, yea, you may need to change the port.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events