I'm the new/only network guy at a small company of 170 users. Two PA-3020 firewalls in HA, a primary and a backup ISP. I'm trying to understand how the NAT configuration works and what it means.
[Screenshot of our NAT policies]
Traffic always egresses from ISP-1; we're not doing load balancing to the backup ISP-2. Am I correct in reading this that after the packet is translated out to the internet, the source address could be any of the six of our public IPs on ISP-1 (we have a /29)?
If my sysadmin wants a public address for one of our web servers, will I need to rewrite these NAT rules to exclude that IP from being part of the NAT pool?
Am I even using the correct terminology here? My only experience with NAT is from my CCNA course; my prior job had an entire /16. So this is my first time working in a NATed environment.