This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
GeorgeF
Contributor
‎2024-02-27 03:46 PM

Is it able to set domain objects/groups as destination fro NAT rules ?

Hi Experts,

 

We are using R81.20 take 26 as our firewall, and have some NAT rules. All the traffic is routed to Datacenter through a GRE tunnel.

But we still have some traffic needs to bypass the tunnel and NAT to internet directly. In the NAT rules, we use Host Group as destination and all hosts are IP address.

My question is, is it possible to put the Domain Groups ( Domain objects ) into the destination? including FQDN and non-FQDN. As the URL/domains are based on AWS CDN service and the IPs varies.

If it doesn't support, should I use DNS Checker to find out all the IP addresses' public resolution for the domains,  and add all the IPs to the destination? That would be a manual work and needs to update frequently if the server's IP changed.

 

Thanks very much 

Best regards

George

Labels
0 Kudos
2 Replies
Chris_Atkinson
Employee Employee
Employee
‎2024-02-27 05:05 PM

I've not tested groups, however the following object types are supported in R81+

 

NAT rules.jpg

Source: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_RN/Topics-RN/Whats-New.htm?tocpath... 

CCSM R77/R80/ELITE
0 Kudos
the_rock
Legend
Legend
‎2024-02-27 06:48 PM

All of those work in R81.20, for sure, tested in the lab myself.

Best,

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events