with last digit .1 is the ip address of the interface.
Now we have one host from outside subnet hosted in the DMZ region. This is required for Microsoft OCS server for Audio and Video support ( NAT of the IP address is not allowed for Voice/Video). I need to configure this host with A.B.C.11 / 24 ( this is from the outside subnet ) in the DMZ region. We are struck with this problem as we are not able to give default gateway to this host. We plan to give secondary IP address from the DMZ subnet but not sure if this will work. I have done static (dmz,outside) A.B.C.11 A.B.C.11. And have given access from outside interface for full ip just for testing.
How do we configure this host and also ASA so that it will send the traffic to this server and also will receive the traffic from this server.
configure an available free interface on ASA for same security level as the outside interface. connect the Microsoft OCS server on this interface network. Also permit same-security-traffic by using the command "same-security-traffic inter-interfaceâ. To permit communication between interfaces with equal security levels, or to allow traffic to enter and exit the same interface, use the same-security-traffic command in global configuration mode.inter-interface option Permits communication between different interfaces that have the same security level. This setup will work fine so that ASA will send the traffic to this server and also will receive the traffic from this server
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...