09-20-2010 10:11 AM - edited 03-11-2019 11:42 AM
We have what I would call a standard ASA config with 3 interfaces. Inside, DMZ (for web servers) and outside for internet.
We need to allow an inside server to have direct access to an outside resource on the internet.
I want to know if this is as simple as setting up a static NAT from inside to outside and a ACL to allow outbound traffic only.
Dave
09-20-2010 10:23 AM
Hello,
You are correct. All you need is NAT and access-list configuration on the firewall to allow inside to talk to internet. You can use either the static NAT or dynamic NAT to enable communication between the inside and the internet.
Static NAT:
static (inside,outside)
Dynamic NAT:
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
Hope this helps.
Regards,
NT
09-20-2010 01:25 PM
Thanks
Dave
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide