Hope someone here can help me out.
I have a scenario where I have an ASA with 3 interfaces (it's actually 8, but I have simplified this to 3).
All 3 interfaces are privately addressed, and OSPF is running on the outside interface.
The servers in both DMZ1 and DMZ2 are statically NAT'd to the outside interface using a single public subnet (e.g. 220.127.116.11/24).
What I want to achieve is to have the ASA advertise the external subnet 18.104.22.168/24 into the OSPF process on the outside interface.
I have found that if I add a route for 22.214.171.124/24 to any IP address in DMZ1, then re-distribute that static into OSPF, the other OSPF routers can see the route, which is what I am trying to achieve. I do not have access to the other routers, so advertising them into OSPF is my only option.
So when the ASA receives a packet for 123.123.123.x it un-nats it and if the un-nat'd address is in DMZ1 it works, and if it is in DMZ2, it doesn't work.
Is there any way of doing this, as the DMZ devices which use this external range are spread across multiple DMZ interfaces?