I have a device off the DMZ interface of the firewall (PIX\ASA) and it requires access to a number of hosts on the inside (and vice versa) on a number of ports.Does this require a NAT? ACL? Can you provide an example?
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(10) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(87) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(3) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,625) -
Cisco Bugs
(54) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(149) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(41) -
Cisco Secure Firewall Management Center (FMC)
(229) -
Cisco Secure Firewall Threat Defense (FTD)
(279) -
Cisco Security Cloud Control
(16) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(20) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(46) -
Cloud
(1) -
Cloud Provisioning
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(32) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(14) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(264) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(37) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(4) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,580) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
IPv6 Configuration
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(324) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(94) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,592) -
NGIPS
(1,874) -
Online Tools and Resources
(1) -
Open Source and Open Standards
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Automation Analytics Topics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(5) -
Other Firewalls
(1) -
Other IP Telephony
(1) -
Other NAC
(18) -
Other Network
(2) -
Other Network Security Topics
(10,790) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(12) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(21) -
Policy and Access
(2) -
Prioritization
(3) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(9) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(4) -
Security Management
(644) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(5) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(29) -
VPN and AnyConnect
(1) -
Vulnerability Management
(46) -
WAN
(8) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Greetings, i have an ASA 5510 with three interfaces configured.One is the outside interface, one is dediacted to voice traffic and one is dedicated to data traffic.On the data network i have my laptop and on the voice network i have a CME system with...
I have an ASA integrated with ACS for VPN clients to be able to authenticate with their Active Directory accounts. I need to figure out how to enable split tunneling per VPN group on the ACS. I found a doc that shows that the setting is under GROUP S...
Hello,On my ASA 5520, I have the IPS module SSM-20. I use the Cisco software Manager Express 6.2. I can see great information and also configure the IPS. I would like to know what I need to do or what software I need to set alerts. I currently have a...
Setting up a test lab with a new ASA 5540 with the AIP-SSM-20 module installed.ASA is up and running passing traffic for several workstations.AIP-SSM is installed and UP. I can open a session to the sensor through an SSH connection to the ASA, and ha...
I have an application that requires that the host clients retain their source port. The source ports range from TCP/10000-10040 and the destination server listens on TCP/12000. I need to NAT these hosts to a single IP address as well. Can I use a Dyn...
We have pair of ASA's that are running active/standby failover between them. We have a need to take one of the physical interfaces (not the one we use to connect to for management) and split it into two subinterfaces. So my question is how should I a...
I'm installing PIX 515 on my network, I have three interfaces inside, outside and dmz. On DMZ I have servers with public IP Addresses which are suppose to be accessed over the internet as they are (i.e. no natting, even one to one). i'm currently usi...
Dear All,FWSM module is not getting recognized even after restart the 6509E switch.When i checked the logs its getting error saying that onlie Diagnostics detected major error.Pl find the logs for your information Module 1 has Major online diagnostic...
Dear all,can any one provide network security listto follow standardizedthanks & regards
Why and how to resolve:Unable to load congiuration from asa check connection ad reload.
I have several windows machines in my DMZ, and for DMZ machines, the default is for all outbound access to be blocked, but I want to allow the machines to get windows updates. Any suggestions on how I can do this?
Hi All,Can I use a single NAC appliance (or module on a router) and configure several different policies for different kind of users? In other words... I need my NAC CAS 3310 to apply some policies to my local users, another policies to the VPN users...
We have an ASA firewall with 3 active interfaces on it. Inside,outside,and a dmz interface. We have workstations in the DMZ that only communicate with the internet. The Sec level for this interface is 50. There is no ACL or NAT's in place as the dmz ...
Hello All,Is it possible to monitor some Site-to-site VPNs that include unmanaged devices? I tried to discover a few site to site VPNs using the wizard but it always fails with saying that CSM can only discover site to site vpn on managed devices.May...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 05-26-2026 07:54 AM | ||
| 05-02-2026 06:09 AM | ||
| 04-30-2026 12:46 AM | ||
| 04-24-2026 07:04 AM | ||
| 04-22-2026 11:56 AM |
New solutions
