I am fairly new to Checkpoint. However I have installed a trial consisting of one gateway (OpenServer) with 2 NIC:s. One connected to my internal LAN (ip and the other connected to my ISP (ADSL, dynamic Ip retreived via dhcp). I also have installed one Smartcenter standalone, also on OpenServer. R75 btw.

In SmartDashboard under the gateway-object -> NAT I have checked "Hide internal networks behind the gateway external IP". Also I have deployed a policy that allows all traffic from my InternalLAN to any, just to get basic internet connectivity. All works fine!

But! I have one internal server that is a web-server and ssh-server (linux-host).

My question: How do I configure Firewall rules and NAT rules to allow inbound traffic from anyone on internet, destined for my firewall outside IP (remember, dynamic!) to be passed thru to my .72-server on my LAN?

Thanks in advance!

Best regards

asked 08/11/2011 12:33

Kvistofta's gravatar image

Kvistofta ♦♦

3 Answers:
you need to create manual nat rules for this object do not use the hide-nat under the object.

when you use the nat under the object it creates manual nat rules, go into smartdashboard and create your own nat under the nat tab.

here is a video of NAT for checkpoint quiet usefull

you would need to use the service column to get this to work so you would do source being any destination being your webserver object and service of http & https that way it would nat to the correct place dependant on the service you use.

This needs to be done under the nat tab.


fcar807's gravatar image


you need something like this

notice i had to create 4 nat rules you can't use multiple services in one rule for nat.

nat rules example
nat rules example
fcar807's gravatar image


This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
Qlemo's gravatar image


Your answer
[hide preview]

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments


Asked: 08/11/2011 12:33

Seen: 696 times

Last updated: 10/09/2011 09:19