I have an address I would like to represent as an "Address Object". The address is 22.214.171.124 and the netmask is 255.255.255.192. I created an "Address Object" with an "IP Netmask" of 126.96.36.199/26.
I used this "Address Object" to set the interface address. Worked great. When I went to setup a bi-directional NAT policy, I needed to specify a "Source Translated Address". This address must be 188.8.131.52/32 and cannot be 184.108.40.206/26. i.e. the "Address Object" I created would not work for the NAT policy.
So I created two address objects: one for 220.127.116.11/26 and another for 18.104.22.168/32. I am not happy about the duplication. Is there a better approach?
I do agree that this lead to duplicate address objects but bi-directional NAT policy is a static NAT i.e 1-to-1 mapping. Hence the need to specify /32 address.
This is expected. You would be better off referencing the ip-address itself to avoid duplicate address objects.
Hope this helps.
It is not the duplication of "Address Objects" per se that I am bothered by... it is the duplicate entries of the same IP address. For example, if this IP address were to change, I'd like one central place to make the change. I believe this was the whole idea behind the "Address Objects".
It sounds like I should just stick with creating two "Address Objects" for each public NAT IP address. One with the netmask and one without. This way, if the IP were ever to change, I'd have to make two changes (bad) but at least they are both in the same place on the interface (good).
Thank you all,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!