Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT/PAT

Suppose there is an archetecture like this: a firewall (connectted to internet) and a web/app server in the DMZ.

Any outgoing request (initialized from a inside LAN computer) will be processed by the firewall('s internal table):

from: 192.168.32.10 port 400

firewall outside: 215.37.32.203 port 1

which will be used to convert back to the 192.168.32.10 port 400 once the response comes back from the outside;

Now, if a request is initialized from an outside remote user's computer such as 123.44.55.6. It requests the web server (in the DMZ) via http to gain access to the web site. Does the firewall create a table similar to the above-mentioned, to record/convert back and forth the IP address and port, too?

(I mean, is the (frewall) conversion table used for the outbounding only, or for inbounding, too)?

Thanks tohelp.

Scott

1 REPLY
New Member

Re: NAT/PAT

hi Scott,

in your case, if you have only one public address, and want external access to a website in you dmz or lan, you have to make that translation again as you did in the lan->internet configuration, just this time, the other way around.

209
Views
3
Helpful
1
Replies
CreatePlease login to create content