
Public addressing between Firewall and Gateway

neagucatalin2
Level 1

Hello,

I have a situation where I can't grasp some things.

I have a Router Cisco ISR 1k connected P2P via a /30 public subnet.

Behind the Router ISR 1k, I have a Cisco FTD (Firepower 3110) connected P2P on a /27 public subnet. I have used the first 2 public IPs on the router/firewall.

Q: Is it possible to use an IP from the remaining /27 subnet, to be exposed via a DNAT? For example, I want to connect to an unused IP from that /27 and be redirected to a resource inside.

I have another issue: when I try to ping the public interface of the firewall, even though I allowed ICMP in platform settings + added an ALLOW access policy, after taking a capture it looks like the traffic is not reaching the public IP of the firewall.

After seeing this behaviour and having in mind that I can ping the IP address of the Router ISR 1k interface that's connected on the /27 segment, I cannot explain it.

What am I missing here?

Thank you!
