How does the Check Point Security Administrator enable NAT Templates?
A.
Run commands with syntax fw ctl set int cphwd_nat_templates_support 1 and fw ctl set
int cphwd_nat_templates_enabled 1.
B.
Edit file $FWDIR/boot/modules/fwkern.conf with the lines
“cphwd_nat_templates_support=1” and “cphwd_nat_templates_enabled=1”.
C.
Set Firewall object > NAT > Advanced
D.
Set Global properties > NAT-Network address translation
Explanation:
Answer A and B work, I can enable teamplates in both ways. Why is answer B the right one? Because “fw ctl set int” commands are cleared after reboot? If yes, this was not part of the question.
0
0
Right answer is really B.
Bill, please check sk71200:
Important Note: The only officially supported way to enable / disable the SecureXL NAT templates is by setting the relevant kernel parameters in $FWDIR/boot/modules/fwkern.conf file. Enabling / disabling the SecureXL NAT templates on-the-fly with ‘fw ctl set int’ command is NOT supported.
Pavel
1
0