AnsweredAssumed Answered

Static NAT to DMZ Web Server on R80.10 Cluster (HA)

Question asked by Walt van Staden on Sep 29, 2017
Latest reply on Oct 9, 2017 by Alexander Astardzhiev

Hi,

 

I've been having trouble wrapping my head around something. The scenario is as follows:

 

ISP Router with multiple available public IP's --> CheckPoint 3000 Appliance Cluster --> Web server in DMZ

 

Now, I want to NAT https traffic from 10.10.10.10(one of the public IP's) to the web server (192.168.1.5) in the DMZ.  Should I create a proxy arp entry for this to work, and if I should, how exactly should it be done? I have created the Web Server object with a static NAT to the IP I want it to listen on and applied it to a firewall policy to permit https traffic from All_Internet to my server object. 

 

If someone can provide guidance on this, I would appreciate it. It has proven to be a bit more difficult than it seems..

 

Thanks in advance

Outcomes