10-21-2015 05:32 AM - edited 03-11-2019 11:46 PM
I have an office with one outside IP address and two internal servers.
I currently have an object nat for SERVER1 (HTTPS) to OUTSIDE (8443) and
object nat for SERVER2 (HTTP) to OUTSIDE (8080)
I want to add SERVER2 (HTTPS) to OUTSIDE (8444) because SERVER2 needs web and secure web for a while.
My question is, should I:
1) Create another object for SERVER2 and create another object nat, for my new port or
2) Create a regular static nat rule, or
3) Change then existing rules to static nat rules and also create the new one as a static nat rule?
Do most people use object nat for everything or static nat for everything, or object for the first and then static for the rest? I'm just looking to follow a standard that most people use.
Thanks,
Allen
Solved! Go to Solution.
10-21-2015 05:38 AM
Allen
I'm not sure there is a standard as such, it's really up to you.
That said there is a very good document on this site by an experienced ASA engineer which gives recommendations as to where to place certain rules and I tend to use that as a guide.
But like I say it is whatever works best for you.
Here is the link -
Jon
10-21-2015 05:38 AM
Allen
I'm not sure there is a standard as such, it's really up to you.
That said there is a very good document on this site by an experienced ASA engineer which gives recommendations as to where to place certain rules and I tend to use that as a guide.
But like I say it is whatever works best for you.
Here is the link -
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide