Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
616
Views
5
Helpful
2
Replies

NAT not required to cross ASA interfaces

lcaruso
Level 6
Level 6

‎02-15-2016 08:29 PM - edited ‎03-12-2019 12:18 AM

Hi,

I"m looking to confirm that NAT is not needed when crossing ASA interfaces; for example, when going from an inside interface (sec 100) to a dmz interface (sec 50) and back.

Back when NAT was required to cross ASA interfaces, I know there were different setups like exemption and hiding, but I thought it was possible now to just let traffic go across the interfaces and all that is needed is ACLs. 

Don't have a test unit at the moment and need to make some changes that will work the first time. 

Thanks for your input.

Labels:
0 Helpful
2 Replies 2

Karsten Iwen
VIP
VIP

‎02-15-2016 11:04 PM

That's exactly how it works. NAT is only done if there is a NAT config between two interfaces. If there are no NAT rules, then the traffic is routed without translation.

lcaruso
Level 6
Level 6
In response to Karsten Iwen

‎02-16-2016 04:45 AM

Thanks for confirming. Don't always have time to re-read the docs.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card