Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I just wanted to double check before giving up. There is a server on the DMZ that only supports a single IP address. My client wants to translate 2 public IPs to this one IP on the DMZ. Is that possible?
We need to bring in our SIP provider through a publicly addressed connetion and need to NAT it on the firewall. But the NAT only changes the source or destination address of the IP packet. How can we also NAT the SIP body messages for INVITE comman...
We are deploying several (6) IDS sensors to monitor traffic on various VLANs on the core router/switch 3750Gs. I can only do two SPAN monitor sessions. Is there a workaround with SPAN or RSPAN so I can mirror/capture traffic for the many IDS sensor...
I have a 2600 router on a stick setup with ip helper turned on for DHCP relays. But it's not working. I got encapsulation failed on the debug logs. However I can ping back and forth just fine. Here are the logs:Dec 26 18:18:38.081 PST: IP: s=0.0....
Has anyone found a solution to creating a working outbound ACL to limit HTTP access to: http://windowsupdate.microsoft.com? It seems like this site changes IP so often, my ACL is no good after a few days. Our policy requires we implement outbound c...
Jorgemcse,This looks like what I am searching for. I think it may work and I don't have to get additional equipment. I will setup a lab and test it out. Thanks.--chuck
Ok, I think I found a solution, but you'll have to place the server behind a load balancer (like F5 BigIPs).Web----FW----LB----ServerDo the NAT on your firewall as you normally would:200.200.200.10 = 10.10.10.10200.200.200.11 = 10.10.10.11On the load...
Yip, I arrived at the same conclusion as the ASA/PIX primarily looks at source/destination and port to match up on the NAT table. I think in order for this to work in theory, the firewall (maybe Linux) will have to keep track of additional propertie...
I did read through that, however it's mainly dealing with inspection as a firewall rather than the SIP translation of the IP address within the body of the packet. We have the basic NAT turned on, but it's not working because SIP embeds the IP insid...
I did read through that, however it's mainly dealing with inspection as a firewall rather than the SIP translation of the IP address within the body of the packet. We have the basic NAT turned on, but it's not working because SIP embeds the IP insid...
