In our environment, we are behind 2 Cisco ASA firewalls with 2 /24s for public IPs. We are downstream from the parent org, which uses a different public IP space. Our IP space isn't routable through their TIC (for whatever reason). I'm sure we could go through them to get their ISP to make our traffic routable, but I figured I could go with a many-to-one NAT rule for 80 and 443 and be fine.
They have given me 2 IP addresses which are routable out to the internet. If I take those 2 and put them in a NAT pool and say any web traffic destined anywhere outside our org (internet) use one of those IP addresses, does this seem OK in theory?