
Traffic between ASA interfaces

guilherme
Level 1

Hi,

I have the following scenario:

    Outside
       |
      ASA--DMZ (valid IP range/28)
       |
    Inside (10.0.0.0/20)

I need to set up the ASA so that traffic originating from a DMZ host, with destination being the ASA's outside IP address and port 25/tcp, will be redirected to a server on the inside LAN. The problem is that I need to do this WITHOUT using NAT on the DMZ interface to map inside hosts.

NAT rules mapping the inside host to the outside interface are working fine if traffic originates from the outside, but if it's from the DMZ it just won't work.

Commands "inter-interface" and "intra-interface" are enabled but won't help it since security levels aren't the same.

Any tips?

Regards,

Guilherme

1 Reply 1

Yudong Wu
Level 7

I think you can use static NAT like below.

static (inside,DMZ) tcp 25 25

You need to add an ACL to permit the traffic as well since it is from DMZ to inside.
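The reply's suggestion written out in full, as an added example that is not part of the original thread or either poster's configuration. It assumes the pre-8.3 `static` syntax used in the reply; every address and the ACL name `DMZ_in` are constructed placeholders (198.51.100.2 for the ASA outside address, 203.0.113.16/28 for the DMZ range, 10.0.0.25 for the inside mail server).

```text
! Constructed placeholder values, not taken from the thread:
!   198.51.100.2      address the DMZ hosts connect to (ASA outside IP)
!   203.0.113.16/28   DMZ range
!   10.0.0.25         inside SMTP server (within 10.0.0.0/20)

! Static PAT: (real_ifc,mapped_ifc) tcp mapped_ip mapped_port real_ip real_port
! Only 25/tcp on the mapped address is exposed to the DMZ; nothing else on
! the inside host becomes reachable through this entry.
static (inside,DMZ) tcp 198.51.100.2 25 10.0.0.25 25 netmask 255.255.255.255

! Pre-8.3 ACLs match the mapped (pre-untranslate) destination address.
! Restrict the source to the DMZ range and the port to SMTP only.
access-list DMZ_in extended permit tcp 203.0.113.16 255.255.255.240 host 198.51.100.2 eq 25

! Caution: an interface takes one inbound ACL. If the DMZ interface already
! has one, add the permit line to that ACL instead of binding a new one.
! Binding the first ACL to the DMZ also replaces the implicit
! "higher to lower security level" permit with the ACL's implicit deny,
! so any DMZ-to-outside traffic that must keep working needs its own
! permit entries before this is applied.
access-group DMZ_in in interface DMZ

! Verify the path from a DMZ host before testing with real mail:
packet-tracer input DMZ tcp 203.0.113.18 1025 198.51.100.2 25 detailed

! Confirm the translation and ACL hit counters afterwards:
show xlate
show access-list DMZ_in
```

The `packet-tracer` output lists each phase (UN-NAT, ACCESS-LIST, NAT) with an ALLOW or DROP result, which shows whether the ASA accepts the mapped address on the DMZ side and which rule decides the packet.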
