This type of setup also happens to be one of the two most popular configurations:įigure 1. In the example below, ExpressWay-C with IP address 192.168.1.50 needs to access ExpressWay-E ( DMZ zone, IP address 192.168.5.5) using its public IP address of 203.40.40.5. Single 3-Port/Leg Firewall DMZ with one LAN interface ExpressWay-E Server Note: Users seeking additional information on Network Address Translation concepts can visit our dedicated NAT Section that covers NAT in great depth. NAT Reflection is also seen at implementations of Cisco’s Telepresence systems where the ExpressWay-C server on the internal network needs to communicate with the ExpressWay-E server in the DMZ zone using its public IP address. What’s interesting is that NAT Reflection is not supported by all firewall appliances, however Cisco ASA Firewalls provide 100% support, making any NAT scenario possible. NAT Reflection, is a NAT technique used when devices on the internal network (LAN) need to access a server located in a DMZ zone using its public IP address. This article examines the concept of NAT Reflection, also known as NAT Loopback or Hairpinning, and shows how to configure a Cisco ASA Firewall running ASA version 8.2 and earlier plus ASA version 8.3 and later, to support NAT Reflection.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |