Cisco 2901 with Firewall pack, have NAT and normal routing combined on the same interface?
I am struggling with a certain project where a kerio winroute software firewall needs to be replaced by a hardware router/firewall.
The purchased hardware is a 2901 with K9 firewalling license pack (no experience on cisco routers).
It is just routing/blocking traffic between a production LAN and an Office LAN. Only 2 ports exists on the device (old and new).
The problem seems to be that on the kerio software, there are "policies" to do this, and each policy can be set with
- NAT (when required)
- no NAT (when that server is not supporting NAT to a client)
Name - Source - Destination - Service - Action - Log - TRANSLATION
But when we configure the 2901 (Cisco Configuration Professional), it seems that an interface is always with NAT or just without NAT.
I seem not to be able to say that certain communication must use NAT and other communication must be routed without NAT.
when I ping from a certain IP WAN to LAN, on the old system, I get a reply from the IP in the LAN, as is expected with normal routing.
when I ping from the same IP WAN to LAN, on the new system, I get a reply from the WAN IP on the router, because the interface is configured as NAT (inside or outside).
So basically, from some WAN devices I want routing, but that same interface must also be able to have dynamic NAT connections to certain WAN IP's, and have Static NAT connections coming in from WAN to LAN (for example for VNC mapping).
Before I post the router scripts, is the above screenshot something that is even possible with the 2901 K9 router? Or is this only possible with this software firewall?
We have the Endpoint purge to delete any thing over 365 days, but this wasn't working as standard since in was installedSo disabled and enabled again and this seem to fix it, as had just under 200k endpoints captured. But it removed all clients that ...
When we unregister FTD from FMC and re-register, all the static routes are lost on it. Sometimes device has database corruption, if re-image is the only solution then upon re-image, FTD comes up fresh and we need to configure everything from scra...
Hi,I have a very simple question; we have two ASA 5585-X working in Active/Standby Mode with multiuser Contexts.Normally Primary Unit is active for failover group 1 and 2; Secondary Unit is standby !At the moment our Secondary Unit is completely disconnec...
Meet the Authors Event - CCIE Security and Practical Applications in Today’s Network: Zero Trust
(Live event – Thursday, 29th, 2020 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 6:00 p.m. Paris)
This event will have place on Thursday 29th, October 2020 at 1...
My company uses Microsoft Azure AD, and I sign into all my applications using that account. Can I use that account when I sign in?
Yes - all applications that support SecureX sign-on allow direct login with your Microsoft Azure AD accou...