Hi all - We have a pretty straightforward situation I want to make sure I understand correctly.
We have a firewall that separates our users from a proxy server. Our clients have 10.1.1.1 set in their host file for proxy.net.
The proxy server is changing to 10.1.1.2. Instead of reconfiguring all of our clients we want to implement aliasing to nat 10.1.1.1 to 10.1.1.2 on the firewall.
I have two questions:
1. Is it JUST the alias command needed? I saw some sample configs which included a static NAT as well.
2. We have other clients that are going to use the updated DNS which will be correctly converting to 10.1.1.2
If the DNS server responds to these clients will it also be converted to 10.1.1.1 (causing them to reject the response) or does the alias command keep a state table and only translate coming back in for what it translated going out?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...