I don't see any NAT config on the firewall, but the inside network can access the DMZ using only an ACL. inside: 192.168.1.0, dmz: 172.16.1.0, with an ACL allowing access to 172.16.1.0 from the inside without NAT. Is this supposed to work without NAT at all? ...
Hi, any recommended open source application where I can ping a specific IP address if it's being used? Also, ICMP output should be logged and ping can be scheduled. Thanks in advance.
Hi, yes, I think you answered your own question. If you look at the NAT statement, the FW will check first on IP networks that are not going to be NATted (nonat), and another thing, the last ACL above will confuse your routing. Are the following segment n...
What is your internet bandwidth on both ends? Note that there is additional latency when VPN is in use compared to just normal internet traffic. Check the VPN stats, any errors? show cry ipsec sa
If you don't want to encrypt the data then, yes, you can just NAT the internal IP address of whatever GUI server you mentioned from the public IP. Make sure you harden the access-list and only give them the specific services or ports they need.