Table of Contents
Advertisement
Figure 64. Check Point NAT Properties Dialog Box
Here you should enter the external IP address (if it is not the existing external IP address of the firewall). The
translation method to be selected is static. Clicking OK automatically creates the necessary NAT rule shown in
the following section.
Figure 65. Check Point NAT Rule Window
Static Route
Most installations of Check Point AIR55 require a static route. This route sends all traffic from the public IP
address for the SMA/SRA appliance to the internal IP address.
#route add 64.41.140.167 netmask 255.255.255.255 192.168.100.2
ARP
Check Point AIR55 contains a feature called auto-ARP creation. This feature automatically adds an ARP entry for
a secondary external IP address (the public IP address of the SMA/SRA appliance). If running Check Point on a
Nokia security platform, Nokia recommends that users disable this feature. As a result, the ARP entry for the
external IP address must be added manually within the Nokia Voyager interface.
Finally, a traffic or policy rule is required for all traffic to flow from the Internet to the SMA/SRA appliance.
Figure 66. Check Point Policy Rule Window
Again, should the SMA/SRA appliance be located on a secure segment of the Check Point firewall, a second rule
allowing the relevant traffic to flow from the SMA/SRA appliance to the internal network is necessary.
Dell SonicWALL Secure Mobile Access 8.5
450
Administration Guide
Advertisement
Chapters
Table of Contents
Troubleshooting
