Open Frames Download Complete PDF Send Feedback Print This Page

Previous

Next

NAT and the Correction Layer on a Security Gateway

For optimal system performance, an entire session should be handled by the same SGM. With NAT, packets sent from the client to the server can be distributed to a different SGM than packets from the same session sent from the server to the client. The system Correction Layer then must forward the packet to the correct SGM.

Correctly configuring Distribution Modes keeps corrections situations to a minimum and optimizes system performance. To achieve optimal distribution between SGMs on the gateway:

  • When not using NAT rules: Set the General Distribution Mode.
  • When using NAT rules: Set the hidden network(s) to User Mode, and the destination network(s) to Network Mode.
 
Top of Page ©2014 Check Point Software Technologies Ltd. All rights reserved. Download Complete PDF Send Feedback Print