This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Linus
Contributor
‎2022-05-08 05:52 AM

Port Forward to internal Server

Jump to solution

Hello,

 

I want to apply a port forward to our new voip server which is locally behind the checkpoint appliance.

We established an alias (1.1.1.1) on the interface of the external IP (2.2.2.2) which we want to use.

The voip server has the IP 5.5.5.5 and ports 443 and 9000 need to be forwarded.

 

Only connections to the alias (1.1.1.1) should be forwarded to the internal server:

 

1.1.1.1:443 -> 5.5.5.5:443

1.1.1.1:9000 -> 5.5.5.5:9000

 

How do I set this up ? Its my first time tinkering around with Port Forwarding with the checkpoint appliance.

 

Regards

 

0 Kudos
1 Solution

Accepted Solutions
Linus
Contributor
‎2022-05-09 03:45 AM
In response to Linus

Jump to solution

I got the solution: I configured it manually and used the 1.1.1.1 as "Original Destination". Also there was a rule missing in the Access Policy that allows the traffic.

View solution in original post

0 Kudos
4 Replies
skandshus
Collaborator
‎2022-05-08 12:54 PM

Jump to solution

UUHU

i've been there.

the reason you cant find info about it is because its called NATTING in "real life"
that's what you need to search for 🙂

0 Kudos
Linus
Contributor
‎2022-05-09 12:25 AM
In response to skandshus

Jump to solution

Hi ! Thank you for the answer. I know that it is NAT, but I still had no luck.

Here is what I tried:

 

 

CP.JPG

 

0 Kudos
Linus
Contributor
‎2022-05-09 01:12 AM
In response to Linus

Jump to solution

It works when I use automatic rules:

 

cp1.jpg

 

The problem is this rule forwards all ports and I cant edit the rule to only forward ports 443 and 9000.

When I try to manually recreate those automatic rules I am not able to set up the forward only to apply for the interface alias 1.1.1.1.

0 Kudos
Linus
Contributor
‎2022-05-09 03:45 AM
In response to Linus

Jump to solution

I got the solution: I configured it manually and used the 1.1.1.1 as "Original Destination". Also there was a rule missing in the Access Policy that allows the traffic.

0 Kudos