Do the above settings limit the partner’s access?

You are a Security Administrator who has installed Security Gateway R77 on your network. You
need to allow a specific IP address range for a partner site to access your intranet Web server. To
limit the partner’s access for HTTP and FTP only, you did the following:
1) Created manual Static NAT rules for the Web server.
2) Cleared the following settings in the Global Properties > Network Address Translation screen:
– Allow bi-directional NAT
– Translate destination on client side
Do the above settings limit the partner’s access?

You are a Security Administrator who has installed Security Gateway R77 on your network. You
need to allow a specific IP address range for a partner site to access your intranet Web server. To
limit the partner’s access for HTTP and FTP only, you did the following:
1) Created manual Static NAT rules for the Web server.
2) Cleared the following settings in the Global Properties > Network Address Translation screen:
– Allow bi-directional NAT
– Translate destination on client side
Do the above settings limit the partner’s access?

A.
Yes. This will ensure that traffic only matches the specific rule configured for this traffic, and
that the Gateway translates the traffic after accepting the packet.
B. No. The first setting is not applicable. The second setting will reduce performance.

C.
Yes. Both of these settings are only applicable to automatic NAT rules.

D.
No. The first setting is only applicable to automatic NAT rules. The second setting will force
translation by the kernel on the interface nearest to the client.



Leave a Reply 2

Your email address will not be published. Required fields are marked *