Hi,
I have a Firepower appliance running ASA, where I have many different vlans. Most of them do not have any access to the internet or other vlan.
I have enabled an NTP proxy server on one of the VLANs, and wish to distribute this to my hosts on other VLANs as well.
I have a host, 192.168.101.11 on vlan A, which I want to receive and reply to icmp and ntp requests. Every host (for now) from 172.16.4.0/24 on vlan B should be able to request this.
What are the things I should do to make that happen?
- Make access rule
- On vlan B:
- source: 172.16.4.0/24
- destination 192.168.101.11
- destination service: icmp, ntp
- On vlan A:
- source: 192.168.101.11
- destination: 172.16.4.0/24
- destination service: icmp, ntp
- Make NAT rule 1
- source interface: vlan B
- dest interface: vlan A
- dest address: 192.168.101.11
- Make NAT rule 2
I'm quite new to this, and not very good, so go easy on me. I probably need to re-do some of the above, and maybe I'm missing some steps. Hope someone can be of help.