- Sep 4, 2012
- 10
- 0
- 10,510
Hello.
I need some help understanding NAT in a cisco environment. Specifically this:
I am looking at our current asa that handles nat and I can see the polices in place with the show nat detail. The issue I'm having is I don't understand how services like our lync edge server / outlookweb access are being translated back into our lan. We have a few internet addresses for these services and I can see on the ASA where interfaces are setup for DMZs. They all have private ip addresses. There is an inside interface and an outside interface. The problem I'm seeing is when I do the show nat detail I only see nat polices that state inside to outside. Or DMZ-LyncEdge to outside. They are defined under Auto NAT Policies.
So my question is how can the internet address be translated into the private addressing scheme if there is only inside to outside natting? I would understand what is going on if I saw natting from outside to inside, but it doesn't exist. The network works great, but I am going to have to setup natting for some new cad apps and servers in the future.
Any advice on how nat works from outside to inside would be great and if any more detail is needed please let me know. I'm new to this and don't know exactly what to tell everyone so I can get this resolved. Thanks so much!
I need some help understanding NAT in a cisco environment. Specifically this:
I am looking at our current asa that handles nat and I can see the polices in place with the show nat detail. The issue I'm having is I don't understand how services like our lync edge server / outlookweb access are being translated back into our lan. We have a few internet addresses for these services and I can see on the ASA where interfaces are setup for DMZs. They all have private ip addresses. There is an inside interface and an outside interface. The problem I'm seeing is when I do the show nat detail I only see nat polices that state inside to outside. Or DMZ-LyncEdge to outside. They are defined under Auto NAT Policies.
So my question is how can the internet address be translated into the private addressing scheme if there is only inside to outside natting? I would understand what is going on if I saw natting from outside to inside, but it doesn't exist. The network works great, but I am going to have to setup natting for some new cad apps and servers in the future.
Any advice on how nat works from outside to inside would be great and if any more detail is needed please let me know. I'm new to this and don't know exactly what to tell everyone so I can get this resolved. Thanks so much!
Facebook
Twitter
Instagram