02-15-2019 12:19 AM - edited 03-05-2019 11:16 AM
Hi all,
Is it possible to secure inbound and outbound of a static nat?
The case is following :
There is an public address A, then a public address B, then a private adress C.
The adress A is the front End to internet, then there is a static nat for B to C.
Thus I want to secure the nat on the B so that not all traffic are permited to or from C.
Regards,
Antra
02-15-2019 12:54 AM
02-15-2019 01:05 AM
Hello,
--> Thus I want to secure the nat on the B so that not all traffic are permited to or from C.
Static NAT takes precedence, so as long as there is a static mapping, all traffic for C will use that entry.
What exactly do you mean by 'securing the NAT' ? What traffc do you NOT want to reach C ?
02-15-2019 03:05 AM
Hello,
Static nat 1:1 goes directly to an IP address (a host), so i want to have a way to create an ACL. for this 1:1 nat.
Because the public adress B that is used for the nat is not tied to any interface.
Regards
02-15-2019 01:26 AM
Use an acl, NAT should not be used to secure traffic.
Jon
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: