I have 2 sites that each work independently; if one site fails, the other one takes control. There are 2 separate private networks, one for each site. If one of the firewalls fails, the switches will start sending it to the other FW. NAT is configured on FW1 and FW2. For FW1 it will translate from 10.x.x.x /24 to 200.x.x.x, and for FW2 from 192.168.x.x /24 to 190.255.x.x.
Is it possible that FW1 can be configured with a rule that translates 192.168.x.x /24 to 190.255.x.x, and FW2 with a rule 10.x.x.x /24 to 200.x.x.x?
It is mandatory that the interface connecting the ROUTER to the FW belongs to the network that is doing NAT. Can it be a simple /30, and can the NAT rules coexist in both FWs?
I am attaching a diagram.
Thanks for your answer.