Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

nat

what does group 0 signify

nat (dmz) 0 0.0.0.0 0.0.0.0

1 REPLY

Re: nat

Hi Aksher,

Based on the single line nat statement 'nat (dmz) 0 0.0.0.0 0.0.0.0', it indicatess that no address translation is required for any network address/IPs DMZ segment (due to all ZEROs) when accessing addresses/resources on other segments/interfaces.

It's also known as 'nat 0'.

Nat 0 is used if your firewall connect multiple segments, and you do not want to have any address translation for certain segment that need to access other segemnt due to same nature of IP Addressing, e.g Public IP used in DMZ network vs Public IP used on your internet segment (connect to Public Internet), or between 2 internal segments, e.g inside vs. DMZ that run on same private IP.

What you need is to have ACL to control the access/services.

*http://www.cisco.com/en/US/partner/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727ab.html#wp1032129

*http://www.cisco.com/en/US/partner/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172786.html#wp1113021

Rgds,

AK

101
Views
0
Helpful
1
Replies
CreatePlease login to create content