I need to allow internet access for internal client for facebook access and need to build NAT on FMC. I did many times source NAT for internet access on other firewalls but not sure nat. type on. FMC.
I can see client url traffic on fmc but there is no nat to go out. I can see option of dynamic and static nat on fmc. I dont wana do static nat as it allows traffic initiated from both directions and I dont wana allow from oputside to inside.
which nat type on fmc is best for this scenario so that client can access facebook.com
When you add a nat rule, choose manual nat and then detect dynamic as type. However you won't be able to do a nat just for a specific url. I would suggest to have a role ACP to allow only the url you want and build your dynamic nat for the whole user subnet trying to access internet.
Thanks Francesco PS: Please don't forget to rate and select as validated answer if this answered your question
Posting this for anyone interested in using a Raspberry PI as a flow collector for Stealthwatch. We created a very lightweight version of our software. It can create flows if the eth port is attached to a SPAN or you can forward NetFlow/IPFIX ...
Dear Team Suppose we have hundreds of rules in access policy on cisco fmc device. Now I want to fetch all access policy rules in which I have mentioned some specific port number X. Can anyone help me with the process to fetch the same?
Greetings everyone, Happy New Year! I would like to thank you all for making our ISE demos in dCloud a great success!
The ISE instant demo has been in the top 5 of Enterprise demos for a long time now and recently just moved into the #1 and 2 slots...
User Experience Enhancements
As part of the Cisco Common User Experience program, we are working towards a more uniform user experience and terminology alignment. This program runs across all Cisco security products.
A More Intuitive Cognitiv...