I am replacing my PIX with a new ASA. I decided to upgrade the IOS to the latest version 8.3. NAT was one of the things which was completely redesigned. On my old PIX I had the below command. This allowed hosts on my private network to access my DMZ. I have looked through a few NAT guides but have not found referances to this command.
I am still digging through the guide. For the subnet command I will have to added all my internal networks. On my deployment I am trying to be ultra secure and only specify the networks which can go out. There does not seem to be a way to tie the subnet command into an "access-list" or "object-group"? Just curious if you know....
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...