How to NAT 2 Internal Subnet 2

[mdwu]

I have 3 nic on my Checkpoint NG installed on windows NT
nic 1 - Internet (209.1.1.1)
nic 2 - subnet A (192.1.1.1)
nic 3 - subnet B (172.1.1.1) also to corp intranet with other subnet address

I want to make it so that when access internet from either subnet, it will be NAT with external Internet nic. I believe this is already set when I set NAT, I choose hide behind GW.

Also, because of corp policy, when the subnets access each other, it will also be NAT to each other's ip range.

Bascially, in order to access subnet B resource and the corp intranet resources which subnet B is connected to, all traffic from subnet A need to be NAT by subnet B's nic. I only want this to be done between the subnets, because obvously, i don't want outside internet user to have access.

is this possible.

 

[Piloria]

you will have to write manual NAT rules
to start click on the NAT tab of the rules
then new rule at top (right mouse click wont work use add rule)

then write the rules on how to NAT between networks

 

[mdwu]

Thanks again Piloria. I guess what I will do is to first add static route on the firewall. I assume the firewall uses the windows static route table, or it has it's own checkpoint route table to use.

 

[ChrisAC]

You do not need to add routes to the firewall as all three networks are directly connected to the firewall. What Piloria told you is to create manual NAT rules on the firewall.

Chris.


**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************

 

[mdwu]

thanks all