I am trying to figure out why I would need a NAT pool for local users accessing the DMZ. Currently I am in the mist of migrating from PIX 515e to ASA 5510 and I'm reviewing my configs. I have the following line in my PIX:
global (dmz) 10 10.1.4.50-10.1.4.99
And when I look at logs on servers on the DMZ users that are coming from the 10.1.1.x/24 network are being assigned a random IP from that 10.1.4.50 -99 block. I would rather not do this if I dont need to.
Any ideas or suggestions?