02-15-2016 08:29 PM - edited 03-12-2019 12:18 AM
Hi,
I"m looking to confirm that NAT is not needed when crossing ASA interfaces; for example, when going from an inside interface (sec 100) to a dmz interface (sec 50) and back.
Back when NAT was required to cross ASA interfaces, I know there were different setups like exemption and hiding, but I thought it was possible now to just let traffic go across the interfaces and all that is needed is ACLs.
Don't have a test unit at the moment and need to make some changes that will work the first time.
Thanks for your input.
02-15-2016 11:04 PM
That's exactly how it works. NAT is only done if there is a NAT config between two interfaces. If there are no NAT rules, then the traffic is routed without translation.
02-16-2016 04:45 AM
Thanks for confirming. Don't always have time to re-read the docs.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide