The attached diagram represents my planned lab setup, in which VLAN 80 will be the outside interface configured with public IPs (22.214.171.124/28). 126.96.36.199 will be the VIP (HSRP) IP of the router interface, and 188.8.131.52 & .3 will be configured on the router Ethernet interface. The router will be connected to the MSFC (6500). I will have 184.108.40.206 and 220.127.116.11 for my active and standby FWSM outside (VLAN 80) interfaces.
I have 4 different VLANs connected to the L2 switch: 10.1.1.0/24, 2/24, 3/24 and 4/24. Now I want 10.1.1.0/24 to go out and access the outside networks, which are external to my network, using one of the public IPs I have with me from the pool (18.104.22.168/27) (22.214.171.124), and my other network, 10.1.2.0/24, is being accessed from the outside network on a few port numbers, for which I have planned to use the public IP 126.96.36.199.
Now my confusion is how to allow them using NAT in the FWSM, both inbound and outbound NATs.
10.1.1.0/24 is the high security zone and others are DMZ.
Please help me with sample configs/inputs/suggestions.
My second query here is about enabling access between zones. Communication from the high security zone to the low security zone requires an inbound ACL on the high security zone interface and nothing on the low security zone interface; communication originated from the low security zone to the high security zone requires an inbound ACL on the low security zone and an outbound ACL on the high security zone.
Please let me know whether I am right in my understanding.