02-15-2019 12:19 AM - edited 03-05-2019 11:16 AM
Hi all,
Is it possible to secure inbound and outbound of a static nat?
The case is following :
There is an public address A, then a public address B, then a private adress C.
The adress A is the front End to internet, then there is a static nat for B to C.
Thus I want to secure the nat on the B so that not all traffic are permited to or from C.
Regards,
Antra
02-15-2019 12:54 AM
02-15-2019 01:05 AM
Hello,
--> Thus I want to secure the nat on the B so that not all traffic are permited to or from C.
Static NAT takes precedence, so as long as there is a static mapping, all traffic for C will use that entry.
What exactly do you mean by 'securing the NAT' ? What traffc do you NOT want to reach C ?
02-15-2019 03:05 AM
Hello,
Static nat 1:1 goes directly to an IP address (a host), so i want to have a way to create an ACL. for this 1:1 nat.
Because the public adress B that is used for the nat is not tied to any interface.
Regards
02-15-2019 01:26 AM
Use an acl, NAT should not be used to secure traffic.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide