07-05-2011 02:23 PM - edited 03-11-2019 01:55 PM
Hello,
I am designing a new NAT configuration for an ASA 8.4
On my PIX 8.0 configuration I needed to allow bidirectional traffic between interfaces
with different security levels. For example, Inside at 100 and dmz at 50
To accomplish this in 8.0 I used a static NAT command along with any necessary ACLs.
Something like this:
Inside - 192.168.50.0
DMZ - 192.168.70.0
static (inside,dmz) 192.168.50.0 192.168.50.0 netmask 255.255.255.0
I now need to apply this same 8.0 config for 8.4. With the static command not available
in 8.4 I am unsure of which NAT commands to use to achieve the bidirectional traffic.
Should I use:
object network InsideDMZ
subnet 192.168.50.0 255.255.255.0
nat (inside,dmz) static InsideDMZ
Or, use commands such as:
object network InsideDMZ
subnet 192.168.50.0 255.255.255.0
nat (inside,dmz) source static InsideDMZ InsideDMZ
Thank you for your assistance
Solved! Go to Solution.
07-05-2011 07:14 PM
Hi Cody,
Use the second nat statement, that is the right one.
Thanks,
Varun
07-05-2011 07:14 PM
Hi Cody,
Use the second nat statement, that is the right one.
Thanks,
Varun
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: