asa dmz and nat

Answered Question
Mar 31st, 2009
User Badges:
  • Purple, 4500 points or more

All,


I'm setting up an ASA, and I have a question about nat translations.


If I have:


global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0


Will the above be sufficient to get internet access if I have 4 interfaces:


inside: 192.168.1.0

dmz1: 192.168.2.0

dmz2: 192.168.3.0

dmz3: 192.168.4.0


Or do I need to set up a pool for all of the dmz interfaces? I think the 1 global and 1 nat should work for all to go out as the interfaces address.


Thanks,

John

Correct Answer by acomiskey about 8 years 2 months ago

You would also need....


nat (dmz1) 1 0.0.0.0 0.0.0.0

nat (dmz2) 1 0.0.0.0 0.0.0.0

nat (dmz3) 1 0.0.0.0 0.0.0.0

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
acomiskey Tue, 03/31/2009 - 07:24
User Badges:
  • Green, 3000 points or more

You would also need....


nat (dmz1) 1 0.0.0.0 0.0.0.0

nat (dmz2) 1 0.0.0.0 0.0.0.0

nat (dmz3) 1 0.0.0.0 0.0.0.0

Actions

This Discussion