Hi,
I have a /24 public network routed to our HP DL360G5 running Astaro 7.5x.
Due to company policy, we're using a /24 RFC1918 network inside (e.g. 10.1.1.0/24), and there are now about 40 internal IPs.
This is quite a pain to manage the following:
a. 'additional' external addresses
b. DNATs
c. SNATs
My understanding is that 9.x has a 1 to 1 NAT system, although I do not have a network I can fully test it on, so I have some questions...
1. Can I convert my existing configuration?
I plan to use a spare HP server, install 9.x, import my 7.x config, and am hoping I can delete all the NATs and add a 1-1 NAT.
2. Do I still need all of the 'additional addresses' on the external NIC, or does the 1-1 NAT take care of this somehow?
If converting the existing configuration is not feasible, then I will probably want to try to setup SUM to pull in all my network & service definitions, so I can push them to a new firewall quickly.
Any foreseeable problems with that?
Thank you,
Barry
I have a /24 public network routed to our HP DL360G5 running Astaro 7.5x.
Due to company policy, we're using a /24 RFC1918 network inside (e.g. 10.1.1.0/24), and there are now about 40 internal IPs.
This is quite a pain to manage the following:
a. 'additional' external addresses
b. DNATs
c. SNATs
My understanding is that 9.x has a 1 to 1 NAT system, although I do not have a network I can fully test it on, so I have some questions...
1. Can I convert my existing configuration?
I plan to use a spare HP server, install 9.x, import my 7.x config, and am hoping I can delete all the NATs and add a 1-1 NAT.
2. Do I still need all of the 'additional addresses' on the external NIC, or does the 1-1 NAT take care of this somehow?
If converting the existing configuration is not feasible, then I will probably want to try to setup SUM to pull in all my network & service definitions, so I can push them to a new firewall quickly.
Any foreseeable problems with that?
Thank you,
Barry