Hi,
I need one suggestion from you guys/girls.
I have a firewall which I set up one month ago. It was a quick and simple config without complicating things: one WAN address, two LANs (one primary and one extra), access lists to allow inside -> outside, dynamic NAT for each subnet (yes, I know that I could set (any,outside) and cover both, but I choose not to...), one VPN config with split tunnel, etc. Literally nothing special. Now they've decided to put another firewall behind mine and have asked me to forward all the traffic to the second firewall. So technically my firewall will be a bridge with a NAT function... (don't ask why :) ).
What would be the easiest way to pull this off, or should I say, the cleanest way?
My idea would be to set an outbound rule to allow any to any (as they don't want restrictions), and to set static NAT from outside to the IP of their firewall interface. In theory this should work, but again, I have never tried it and I don't know if there is perhaps a better solution to this.
Let me know your opinion :)
Cheers.