Three FTP batch servers NATTED to a single Public on an ASA
We currently have three batch servers that send batch files out to customers, we don't accept connections inbound (no connections initiated from the customer to us). Currently those batch servers pass through an old Cisco CSS (content services switch) and when it does it basically NATs those three source IPs into a single IP (172.31.2.4). On the ASA there's a static NAT that NATs that single IP to a public IP, no big deal so far and this all works for active and passive FTP connections.
Now we want to remove those old CSSs so the batch servers would pass through the network to the external firewalls without being NATTED (unlike what is happening today when they are NATTED to 172.31.2.4). I want to know if I create a dynamic (PAT) nat on the ASA to take those three batch server IP addresses and NAT them to a single IP, does anything see a problem with that? Will Active and Passive FTP continue to work? I assume it will. I believe a static NAT would not work in this scenario and that I would need to use dynamic (PAT). Thoughts?
This month, we're excited to bring awareness to a newly formed partnership between Cisco Secure and IBM.
Securing today's dynamic enterprise applications is critical. With hybrid and multi-cloud adoption, traditional network-based security ran into limita...
Listen: https://smarturl.it/CCRS8E42Follow us: twitter.com/CiscoChampion
APIClarity is an open source, cloud-native visibility tool for APIs. It utilizes a Service Mesh framework to capture and analyze API traffic and identify potential risks.
Hello everyone, A new video in the Cisco Secure Terraform Series has just been published. If you are interested in Infrastructure as Code, and Terraform, you don't want to miss out on this amazing series with Jason "Canadian Bacon" Maynard! Newe...
The Cisco Secure Firewall and SecureX teams are looking for feedback from active Secure Firewall users who may or may not have already activated SecureX. Your responses will help us improve the Firepower experience in SecureX. Th...