Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1674
Views
0
Helpful
1
Replies

ASA 8.4 NAT Command Selection

Go to solution
Cody Ridge
Level 1
Level 1

‎07-05-2011 02:23 PM - edited ‎03-11-2019 01:55 PM

Hello,

I am designing a new NAT configuration for an ASA 8.4

On my PIX 8.0 configuration I needed to allow bidirectional traffic between interfaces
with different security levels.  For example, Inside at 100 and dmz at 50

To accomplish this in 8.0 I used a static NAT command along with any necessary ACLs.


Something like this:

Inside - 192.168.50.0
DMZ - 192.168.70.0

static (inside,dmz) 192.168.50.0 192.168.50.0 netmask 255.255.255.0

I now need to apply this same 8.0 config for 8.4.  With the static command not available
in 8.4 I am unsure of which NAT commands to use to achieve the bidirectional traffic.

Should I use:

object network InsideDMZ
subnet 192.168.50.0 255.255.255.0
nat (inside,dmz) static InsideDMZ

Or, use commands such as:


object network InsideDMZ
subnet 192.168.50.0 255.255.255.0

nat (inside,dmz) source static InsideDMZ InsideDMZ

Thank you for your assistance

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
varrao
Level 10
Level 10

‎07-05-2011 07:14 PM

Hi Cody,

Use the second nat statement, that is the right one.

Thanks,

Varun

Thanks,
Varun Rao

View solution in original post

0 Helpful
1 Reply 1

Go to solution
varrao
Level 10
Level 10

‎07-05-2011 07:14 PM

Hi Cody,

Use the second nat statement, that is the right one.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card