Dear experts, hello,
I'd like to ask you: if we have two subnets, each connected to a specific Ethernet interface on the ASA,
10.0.0.0/24 connected to E0/1
10.0.1.0/24 connected to E0/2
The question is: if I want to let the hosts of subnet 10.0.0.0/24 connect to the hosts on 10.0.1.0/24, can I create an ACL only to permit that,
or do I have to create NATing besides the permit ACL?
Thanks a lot for your help.
The answer depends on the security level of the interfaces.
From high security to low security you don't need an ACL for TCP/UDP traffic.
From low security to high, you require an ACL.
Whether you need NAT or not depends on whether you have NAT control enabled or disabled (nat-control).
If you have nat-control enabled, then you need a NAT rule to pass the traffic, otherwise traffic can flow without NAT.
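
The answer above as a configuration sketch, added here as an example and not part of the original thread. It uses pre-8.3 ASA syntax, where the nat-control command exists. The interface names, security levels, interface addresses and ACL name are assumptions, chosen so that 10.0.0.0/24 sits on the lower-security interface.

```cisco
! Constructed example. nameif values, security levels, interface IPs and
! the ACL name DMZ_IN are assumed, not taken from the thread.
interface Ethernet0/1
 nameif dmz
 security-level 50
 ip address 10.0.0.1 255.255.255.0
!
interface Ethernet0/2
 nameif inside
 security-level 100
 ip address 10.0.1.1 255.255.255.0
!
! 10.0.0.0/24 (level 50) to 10.0.1.0/24 (level 100) is low to high,
! so an ACL applied inbound on the lower interface must permit it.
! "permit ip" between whole subnets is the broadest form; restrict it
! to the hosts and ports actually required.
access-list DMZ_IN extended permit ip 10.0.0.0 255.255.255.0 10.0.1.0 255.255.255.0
access-group DMZ_IN in interface dmz
!
! Case 1: NAT control disabled. The ACL alone is enough and traffic
! passes with its addresses unchanged.
no nat-control
!
! Case 2: NAT control enabled. A NAT rule is also required. An identity
! static presents 10.0.1.0/24 to the dmz side under its own addresses.
! nat-control
! static (inside,dmz) 10.0.1.0 10.0.1.0 netmask 255.255.255.0
```

`show running-config nat-control` shows which of the two cases applies on a given device.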