One of my clients has 254 public address (x.x.1.0/24) which are used for both servers and services but also infrastructure components. These 254 addresses are part of a bigger class B network (x.x.0.0/16) of again, publicly routable IPs. Our 254 IPs are currently NAT'd with a pair of ASA5520s to 2 zones, 1 DMZ, 2 inside. The DMZ contains any server/service which we allow access to from source "any" while inside is used for anything else, servers/infrastructure which is available only within the bigger, Class B network (x.x.0.0/16). The bigger class B network recently deployed a class A private network (10.0.0.0/8) which is routable with the class B network (x.x.0.0/16). As such we have been considering moving all infrastructure components to a private network, but protect it with our current ASA5520s, within a different zone. The one thing which is currently preventing us from executing is some of our devices have a "Call-home" feature we do not want to lose, and we would if we went on the 10.0.0.0/8 network.
The discussion is to answer weather an ASA5520 can conceptually do the following pair of NATs;
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...