We recently ran into a small item of note on our network and we are looking for a way to mitigate the problem. I have a good idea of what we could do but wanted to see if anyone else had a better solution.
Here's the scenario:
We run OpManager 7 internally (internal IP scheme). We need to be able to monitor a website from the outside (external NAT IP). I know you can't physically loop back traffic on the same interface, or at least we are not set up to do so at this time. Does anyone have any ideas?
My theory is to open a switchport on an isolated DMZ to all ICMP echo (or other OPMAN protocol?) traffic, but it does open a gaping hole in our network and puts our server/software at risk.
All servers and user workstations are on separate VLANs behind the firewall.