Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
324
Views
0
Helpful
1
Replies

internal traffice over ASA ?

thorstenn
Level 4
Level 4

‎03-22-2010 01:11 AM

hi,

it seems some internal server traffic goes over the default gateway... this should not be...

How could i exempt the internal traffic from nat ?

Labels:
0 Helpful
1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

‎03-22-2010 01:36 AM

Assuming the internal server ip address is 200.1.1.1:

object network obj-200.1.1.1
   host 200.1.1.1
   nat (inside,outside) static 200.1.1.1

OR/ if you are NAT exempting the whole subnet of 200.1.1.0/24:

object network obj-200.1.1.0
   subnet 200.1.1.0 255.255.255.0
   nat (inside,outside) source static obj-200.1.1.0 obj-200.1.1.0

0 Helpful
Customers Also Viewed These Support Documents