Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
176
Views
0
Helpful
1
Replies

Network under a Network, ACL/NAT on Firewall or Switch?

TheGoob
VIP
VIP

‎03-28-2025 12:31 PM

Hey I was messing around with esxi and from FPR1010 I have a connection to an SG350XG.. On the SG I have a Network 192.168.4.0/24. That Network is connected to esxi vswitch. On there I have VM and another vswitch with 10.0.2.0/24 Network. Now, 10.0.2.0 has Internet access and all is fine but how would INCOMING ACL/NAT work? I know normal I'd NAT/ACL for the 192.168.4.x Network/Host, but what if there is another Network under that? Would I NAT/ACL to the inner host and it knows where to find it, or do I create another ACL on the switch for its subordinates?

 

 

Labels:
0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

‎04-08-2025 07:54 AM

It really depends on your setup. E.g., will your 1010 act as a firewall-on-a-stick with VLANs/sub-interfaces to route the traffic. Or will your SG be a L3 hop with static/dynamic routes to the 1010. A small diagram / sketch of your setup will help here.

Thank you for rating helpful posts!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card