- Posts: 17
- Thank you received: 0
Two WAN Connections
14 years 9 months ago #33882
by taq
Two WAN Connections was created by taq
Hi guys,
Would like to know that can a firewall with one port connected to internet and another port connected to a private WAN? Both ports to use NAT.
Is it possible.
Thanks.
Would like to know that can a firewall with one port connected to internet and another port connected to a private WAN? Both ports to use NAT.
Is it possible.
Thanks.
14 years 9 months ago #33883
by Losh
~ Networking :- Just when u think its starting to make sense......... ~
____________________________________________
CCNA, CCNP, CCNA Security, JNCIA, APDS, CISA
Replied by Losh on topic Re: Two WAN Connections
NAT is always used on the outside interface. The firewall will always ask you to identify your inside (trusted) interface and outside (untrusted) interface then it will apply NAT to your outside interface.
~ Networking :- Just when u think its starting to make sense......... ~
____________________________________________
CCNA, CCNP, CCNA Security, JNCIA, APDS, CISA
14 years 9 months ago #33884
by krik
Christophe Lemaire
www.exp-networks.be/blog/
Replied by krik on topic Re: Two WAN Connections
Hi taq,
It depends which firewall you're referring to... On a Cisco firewalls (PIX, ASA or FWSM) you can NAT whatever you want on whatever interface you want. You'll have to use "static" and/or "global" commands.
Non Cisco firewalls like Juniper Netscreen or Checkpoints allow this as well.
If you use a Cisco router as firewall, then you have to define some interfaces as "outside" and other as "inside" interfaces. The NAT is only possible when a packets flows from an inside interface to an outside interface or from an outside interface to an inside interface. For this you'll use the "ip nat source ..." and "ip nat destination ..." commands.
It depends which firewall you're referring to... On a Cisco firewalls (PIX, ASA or FWSM) you can NAT whatever you want on whatever interface you want. You'll have to use "static" and/or "global" commands.
Non Cisco firewalls like Juniper Netscreen or Checkpoints allow this as well.
If you use a Cisco router as firewall, then you have to define some interfaces as "outside" and other as "inside" interfaces. The NAT is only possible when a packets flows from an inside interface to an outside interface or from an outside interface to an inside interface. For this you'll use the "ip nat source ..." and "ip nat destination ..." commands.
Christophe Lemaire
www.exp-networks.be/blog/
Time to create page: 0.122 seconds