Random applications / websites become inaccessible after disabling interface source-nat
All the internet traffic that egresses from the exit point gets source-NATted to the public IP on the interface that has the ISP link. Now, if the source NAT on the interface is turned off, many applications stop working or become inaccessible. There is no specific configuration on the firewall for those applications. I am unable to understand this dependency: why does internal traffic need to be mapped to a public IP to access certain applications, for example TeamViewer? Is there any whitelisting that the service provider needs to do on his end?
Note: When the source NAT is removed, the internal private IPs (user VLAN) go out without any NAT.
The reason for switching off the NAT is to make the individual sites (subnets) visible to the Zscaler, as the user traffic first goes to the Zscaler for policy checks and then gets redirected to its destination. There is no NAT on the Zscaler.