I am designing a new NAT configuration for an ASA 8.4
On my PIX 8.0 configuration I needed to allow bidirectional traffic between interfaces with different security levels. For example, Inside at 100 and dmz at 50
To accomplish this in 8.0 I used a static NAT command along with any necessary ACLs.
Something like this:
Inside - 192.168.50.0DMZ - 192.168.70.0
static (inside,dmz) 192.168.50.0 192.168.50.0 netmask 255.255.255.0
I now need to apply this same 8.0 config for 8.4. With the static command not availablein 8.4 I am unsure of which NAT commands to use to achieve the bidirectional traffic.
Should I use:
object network InsideDMZsubnet 192.168.50.0 255.255.255.0 nat (inside,dmz) static InsideDMZ
Or, use commands such as:
object network InsideDMZsubnet 192.168.50.0 255.255.255.0
nat (inside,dmz) source static InsideDMZ InsideDMZ
Thank you for your assistance
Go to Solution.
Use the second nat statement, that is the right one.
View solution in original post
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: