cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
217
Views
0
Helpful
5
Replies
srikanth ath
Enthusiast

ASA 9.1 Exempt Nat help

Hello Need help on Exempting Nat

I'm looking to configure a nat exempt for couple of Hosts in X-DMZ to any interface. so, what would be the correct way in 9.1 version of ASA.

 

object-group network Sensors

  network-object host 10.14.X.X

 network-object host 10.14.X.X

1.  nat ( X-DMZ ,any) source static Sensors Sensors destination static any any description nat exempt

                                                              or

2. nat exempting for each of the interfaces

 nat (X-DMZ, Leveraged) source static Sensors Sensors destination static any any description nat exempt

nat (X-DMZ, Inside) source static Sensors Sensors destination static any any description nat exempt

nat (X-DMZ, Outside) source static Sensors Sensors destination static any any description nat exempt

nat (X-DMZ, VDMZ) source static Sensors Sensors destination static any any description nat exempt

nat (X-DMZ, AND) source static Sensors Sensors destination static any any description nat exempt

 

Below are the security levels applied.

Cisco Adaptive Security Appliance Software Version 9.1(3) context.

 

ASA# sh nameif
Interface                                Name                              Security
Outside                                    Outside                         0
Inside                                        Inside                      100
TenGigabitEthernet1/1.X    Leveraged                      50
TenGigabitEthernet1/1.Y     AND                              50
TenGigabitEthernet1/3.Z     X-DMZ                           40
TenGigabitEthernet1/3.L     VDMZ                             60

 

Thanks in advance

5 REPLIES 5
Leo Laohoo
VIP Community Legend

Duplicate posts.  

 

Go HERE.

Hi Leo

You have to leave one of the posts without a link to the others or it just creates a loop someone like me is too stupid to get out of :-)

Jon

Hi Jon, 

 

LOL.  

 

The OP made four threads of the same topic.  I've "marked" three of the threads as Duplicates and all of the three should be pointed HERE.

Leo

Thanks for that.

Hope you're well.

Jon

I'm doing fine, Jon.  Thanks for asking. 

 

Just trying to get this jet lag off me.