NAT inside to DMZ, needed??

Unanswered Question

After reading up on nating I don't think we need to NAT our traffic going from 10.0.0.0 /8 (Inside) to 10.100.0.0/16 (DMZ).

I know we need to NAT (Outside) to any internal private address and need to NAT any internal private address to the (Outside).

global (Outside) 1 xx.xx.xx.x netmask 255.255.255.255

global (DMZ) 1 interface

nat (Inside) 0 access-list nat0

nat (Inside) 1 0.0.0.0 0.0.0.0

nat (DMZ) 0 access-list nonat_dmz

nat (DMZ) 1 0.0.0.0 0.0.0.0

See diagram.. hopefully.

http://www.cisco.com/warp/public/110/generic_ports2.gif

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion