Day 06 | Static and Source Hide NAT configuration in Checkpoint Firewall

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello good morning friends welcome to my youtube channel technet guide friends in this video i am going to tell you how to configure static and hide net in checkpoint firewall friends in last video we have seen how to configure automatic net so now in this video we will configure manual net static and hide net in checkpoint firewall so friend let me give short description of static net and i net so friends as you know that in static net for each internal host we require different public ip address suppose this is my public ip address so for each host one like 140.1.1.1 we required one ip one public ip and for 1.2 we required second ip for 1.3 we required second ip okay so this is static net one two one translation only port address translation is not possible in static net in static net we can only translate one to one mapping here okay so let's see so friend let's configure static night in checkpoint viral so friend let me give task so let me tell you what is our task our first task will be 140.1.201 should be translated with 4.2.2.10 right we will configure static net for this network 140.1.1.1 2r2 is going to access internet okay so it will be translated with my firewall gateway this ip so let's see how to configure static net so friend before before going to start let me show you my topology here so you can see this is my firewall and this is my inside zone this is my inside zone here and this is my internet okay and this is dmz on now we will configure static net let's connect check connectivity from inside to outside okay we will ping here a dot a dot a dot eight now i i'm able to ping let me give source source will be 140.1.1.1 okay good and source will be 150.1.1 able to ping now we will configure static net for 140 okay so now friends you can see this is my sms and management server and this is my firewall here okay so let me so now we have to go to security policy go to security policy so now go to net policy here go to net now we will create a static net okay we'll create so what is our source source will be 141 destination any going to service any okay translated source will be what our source will be interface ip address so we have to create object for this now create object for host 4 dot 2.2.1 now what will happen here my source if my source is 140.1.1.1 and destination is any it should be translate with 4.2.2.1 right so translated destination will be original translated service will be original now click on publish now install policy now friends you can see we have a successfully installed policy now go to router one and ping from one ping 8.8.8 from source network 140.1.1 ping here okay now it's thinking so let's check logs here if net is open or not now we have to check logs go to locks and monitor now search source okay you can see this is my source okay just check if net is happen you can see my source is 140 destination is adopted at it now you can see you can see a net nothing is there it connected with 4.2.2.1 okay so friends this is a static net let me give another scenario so if i trying to add network 150.1.1 with 0 full network so what will happen let me show you you can see not is not going to add another one okay so 150 we will check with 150 but we cannot add new item multiple item here multiple subnet you can see we're not able to add multiple subnet here of network so let's create group of network here group network group we can give inside inside group okay now click on plus 140 150 and 140 network okay now click on ok inside group okay if i going to use static net now click on publish so i have added both network here 150 and 140 and publish here then see what it will say okay now install policy click on install now friends you can see installation failed why installation pad let's check here installation file why because invalid group source of address translated rule 1 group is valid only matching translated column original if the source translator method is height because for static net this ip can be translated with only one ip address so we have i have added two network here that's why that's why showing a error means it can be only translate one to one mapping only single ip address it cannot translate it cannot translate multiple ip address with a static net okay so what i have to do i have to do change static to hide net okay now click publish and we will see what will happen and click on install policy and we will see what will happen now friends you can see policy is successfully installed here because we have changed to higher net so let me show you what is high net so friends in high net it's a many to one translation many to one because multi we cannot we can translate multiple ip address in single into single ip address right now we have configured hide net okay my new tone dynamic net as per cisco so you can see hide net h inside net now click on and now we have already installed policy now click now again try to ping 140 from 1478 and 150 both are able to ping now we can check locks now we can check locks for 140 will see translated now you can see my source is 140 destination is added updated translated with 4.1.1 net roll number 1 150 now check 150 this is my 150 net truck so friends you can see my source net source is 150 destination educated data translated with 4.2 4.2.1 okay match rule match rule too so now friends in this video we have seen how to configure static net and high and high net in checkpoint firewall so friend next video we will see how to configure destination net and we will perform multiple tasks in destination net with single ip address and will configure with virtual ip address we will configure ported translation we will configure dual net so friends thanks for watching this video have a nice day

Info

Channel: TechNet Guide

Views: 88

Rating: undefined out of 5

Keywords: how to, configure nat in checkpoint firewall, checkpoint firewall, nat configuration, how to configure nat, how to configure static nat, how to configure hide nat, source hide nat, checkpoint firewall tutorial, firewall, what is nat, network address translation, dynamic nat, static nat, r80, types of nat in checkpoint firewall, what is source nat and destination nat in checkpoint, checkpoint nat configuration r80, hide nat vs pat, checkpoint nat troubleshooting

Id: xhEHA7C49Sk

Channel Id: undefined

Length: 10min 22sec (622 seconds)

Published: Sat Oct 16 2021