Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
solaris77
Explorer
Jump to solution

Question: one public IP on outside NIC of FW used for outbound internet access and inbound access

Hello,

I have a real virtual Checkpoint Security Gateway setup scenario: carrier who provides the virtual computing platform can only allow one public IP on virtual  Checkpoint Security Gateway instance running Checkpoint v80.20, i.e. the internet-facing interface IP, no other public IP range could be allocated due to platform restriction.  

The virtual checkpoint SG setup requirements:

1) setup outbound internet access, setup Hide NAT for all internal subnets with the outside interface IP;

2) setup static NAT on FW for inbound access using the same outside interface IP, so remote client VPN access could get to the VPN Concentrator which sits within DMZ behind FW

The questions are: 1) is it doable 2) any FW NAT/Arp/local Port range setup issues; 3) any performance concerns

I haven't setup the test environment yet, I'm wondering if anyone could give some valuable comments/advices.

  

0 Kudos
9 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events