- CheckMates
- :
- Products
- :
- Quantum
- :
- SMB Gateways (Spark)
- :
- Check Point 1450 Appliance Several External IP
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Check Point 1450 Appliance Several External IP
Hi, all.
I am a newbie with Check Point products.
I have Check Point 1450 in my company. ISP bring us a network with /29 mask.
Now I can assign only one IP to External interface.
How can I let to work another 4 IP's?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is this 1450 centrally managed or locally managed?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1450 localy managed.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Few ways to do it:
- Put the relevant hosts on the WAN side of the firewall and assign them one of your four remaining IPs. Obviously the 1450 won't be protecting these hosts.
- Create Server objects (Users and Objects > Servers) for the hosts you want to use the public IP addresses. In Step 2 of the Wizard, you specify the private IP address of the system in question. In Step 4, you specify the public IP you want the system to be accessible by.
- Create manual NAT rules (Access Policy > Firewall > NAT).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for reply.
I think I have not accurately explained what I want to get in the end.
By now all works fine, but with only one IP.
Look at pic.
Ideally Server1 must be publish by IP1. Server2 by IP2 & etc.
Is it real?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks, but it didn't work for me.
I do all like you say, but in Logs nothing that refer to Second IP.
Look at pic. Blue rule work fine. Red rule don't.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Packet Capture show nothing with IP .75
I try ping, telnet to port 5555. no mention of the address .75
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, all.
Yesterday I was try localize problem.
I build this scheme. Results was:
1. IP .75 reply to ping
2. all rules works fine. (Thanks to @G_W_Albrecht and @PhoneBoy )
But! It all works only with my laptop with IP .76
All other addresses from different subnet can't connect to IP .75
It looks like "virtual interface with IP .75" has no default-gateway on it.
Can someone explain me whats going on?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
16:09:32.652969 ARP, Request who-has x.y.z.75 tell x.y.z.73, length 28
The fact it's working from your PC connected at .76 suggests the gateway is doing exactly what it's supposed to do.
The fact it doesn't work in other scenarios suggests a configuration issue with your ISP router.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Problem was solved by changed provider's "last mile" equipment.
I try to solve problem with Checkpoint Support Team. Let him to connect to my 1450. No changes.
Finally we decided to change the type of connection to the provider and problem was gone.
Thanx for all who try to help me.