Hi,
I have a customer who has a fairly large network of 100+ locations all connected to a central site (192.168.1.0/24) via MPLS (Cisco router on each branch site).
Their routers are controlled by an external vendor and the branch sites can only access the central site... they can't access other branch sites or the internet because of ACLs on the local routers.
They have a new application installed in some branch offices which needs access to the internet and they've been quoted over 10k to have all of the routes and ACLs updated.
They have a WatchGuard 750 firewall in the central site, so I want to know: can I set up some sort of NAT/port forward from an internal address on the central site network to the internet site? The idea being if someone in a branch office types in 192.168.1.2, the local router routes the request to the firewall and the firewall routes it out to the internet and then back again, bypassing the ACL and saving my customer the expense!
I've also thought of using a proxy but I think it would be cleaner to do it on the firewall. I've done it before in Check Point but can't see anywhere in WatchGuard to do it.
Hope you can help.