The CAM is placed on the internal LAN. The CAS on the DMZ. The DMZ-address of the CAS is NAT'ed. So it looks like this:
CAM --> LAN --> Firewall with NAT --> DMZ-LAN --> CAS.
I read the manuals how to set up the connection between CAM and CAS when there is a firewall with nat'ing between those two devices. So I changed the needed things and then I was able to connect to the CAS using its NAT-ip address.
When I now check the "CCA-Server" on the CAM, I see the CAS IP-address listed as "NAT-IP [REAL-IP]" status is connected.
When I now reboot the CAS, the displayed IP address changes to the real ip only.
After the CAS is back up, the CAM tries to connect to the real ip, not to the NAT ip as configured earlier. I can also see that the CAM is trying to reach the real ip running a tcpdump on the CAM.
Any ideas? Because the CAS doesn't reconnect to the CAM. And that's my problem
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...