x-forward IP Address to be passed to destinations servers when using a NAT, but NAT is removing this information.
We have DMZ Servers on external firewalls. Our internal network users using 10.x.x.x IP are connecting to the DMZ servers and on external firewall 10.x.x.x is Natted to public IP.
DMZ servers are seeing source traffic from public Natted IP as should be.
Now our network users are using x-forwarding and we want to see user’s private IP as an source to DMZ servers; but we are still seeing Natted IP.
Is this possible to achieve in checkpoint – R80.20.
We can do with no-nat rule from 10.x.x.x to destination DMZ servers. But then we have to add route 10.x.x.x on external firewall into our network. We do not want exposed internal network on external firewall. So we are trying to achieve this with x-forwarding.