probably a real simple question: I have a router-ASA combination. The router's WAN interface has a public IP 126.96.36.199 and there is a small stub 192.168.1.x network in between the router and the ASA and finally the web server at 172.16.1.16 I've never done double-NAT before and I can't think of any reason that it shouldn't work, but I thought I'd do a quick post here to see if the standard NAT work should across the two devices to get to an IP on the inside LAN of the ASA? (I know it would be easier to change the ASA to be in transparent mode and not do double NAT at all, but I'm not allowed to do that)
I agree with Jon that it should work fine as long as the web application doesn't timeout due to any delay in additional processing by either the router/ASA. Under normal situation NAT processing on both devices should be very quick (in microseconds). The whole NAT process would be transaparent to the TCP end devices.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...