Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

NAT question on 8.4

If I have servers on a DMZ that use REAL public IP's, do I need to NAT them to be reached from outside like I would for a server that is on the inside that is routed?

Say my inside is 192.168.100.x, and I have a server with 8.1.8.12 as the IP inside, and I point a rout to it, but I need to do a 1:1, 8.1.8.12 8.1.8.12 static NAT.

Do I need to do the same if it is on a DMZ interface that is the same network as the real IP like I would if the Inside needs to reach DMZ servers?

NAT (outside,DMZ) source static servers servers destination  DMZ DMZ

1 ACCEPTED SOLUTION

Accepted Solutions

NAT question on 8.4

Hello,

No, that is not need it as it is already a public and routable ip address.

Also remember that on 8.3 and prior versions NAT-control is not enabled by default.

Regards,

Do rate helpful posts

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
2 REPLIES

NAT question on 8.4

Hello,

No, that is not need it as it is already a public and routable ip address.

Also remember that on 8.3 and prior versions NAT-control is not enabled by default.

Regards,

Do rate helpful posts

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

NAT question on 8.4

I forgot about the Nat-Control. Thats right, I remember now. Thanks.

229
Views
0
Helpful
2
Replies
CreatePlease to create content