I figured it out but if you have a better solution, by all mean please do.
The ISP will be changed also so the DNS record will have to change. I will configure the DMZ with the new IP range from the new ISP. Change the server IP address and the DNS record and move it to the DMZ.
I am working on a design replacing a pix firewall with FW module on a 6509. The current firewall is configured with inside and outside interfaces only. So, the NATing and the Static is between these 2 interfaces.
In my new design I will have a DMZ so the app servers will have to move to the DMZ and will require IP re-addressing.
What I am trying to do is to move the servers overtime after replacing the PIX. I am not sure if I can configure the DMZ with the new servers IP addresses (NAT, Static and ACL), configure the inside/outside on the module FW in the 6509 similar to the current pix with the current NAT, Static and ACL then as we move servers to the new DMZ the IP address will be changed.
Is it possible to have a static (DMZ, outside) public IP address to DMZ IP address and a static (inside, outside) same public IP address to inside address. Will the firewall pass the traffic to the app server on the inside prior to moving it and then to the DMZ once the server is moved and re-IPed?
Outside users qoing to xyz.com at this point will still go to 126.96.36.199
When it is time to move the server, change it's IP address to 188.8.131.52 and change the DNS record to 184.108.40.206. The user going to xyz.com will now go to 220.127.116.11 and the initial static statement for (inside, Outside) will do no harm. Correct?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...