08-07-2024 04:35 AM
I have a Cisco Catalyst Center in my DMZ. The Enterprise and Management Ports are all connected and allowed through my internal FW. The Cloud Port is connected to my external FW. Can I use NAT on the external FW to the Cloud Port on the Catalysts Center.
08-07-2024 05:22 AM
Hello!
What cloud port? You probably mean the internet port? Yes ofcourse you can use NAT on your firewall, I would setup a seperate connection to the firewall and block anything else aside from the connection to the needed cisco sites.
https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-3-3/install_guide/2ndgen/b_cisco_dna_center_install_guide_2_3_3_2ndGen/m_plan_deployment_2_3_3_2ndgen.html#concept_z4t_cd3_sfb
BR
08-07-2024 05:53 AM
Correct yes "internet" port. We use separate management and enterprise for internal comms to DNAC and then the internet port only for internet comms only allowing URLs and port listed in the guide.
08-07-2024 09:47 PM
To answer your original question. Yes you can use NAT for your internet port na the DNA-C.
BR
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide