ASA Multiple Outside Interfaces and routing from the DMZ to them?
Hope you can help, my basic problem is that we have recently added a second outside interface with a new IP range and over a few months I will have to migrate our traffic to the new outside interface
At the moment the origonal outside Int has the default route, proxy traffic, email traffic (translated from the exchange server in the DMZ).
The first traffic I want to move is from the WWW proxy server which is in the dmz, so basically users on the inside connect to the DMZ Proxyserver which has a default gateway of the ASA DMZ interface
I need to maintain existing services on the origonal outside interface but route the Proxy internet traffic only out of the new outside interface? Any ideas?
Any changes to the default route cause major problems
I had thought of an address tranlation to the outside interface and a translation to the inside interface to seperate the tow streams of traffic to the proxy server but I am not sure if that is the best way to tackle this
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...