Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

ASA nat query

i have an ASA 5520 runnng 8.4(1)

it has the following interfaces

WAN - public IP

DMZ -  public IP

Prod - 192.168.1.X

for internet access i have the following statement

object network Prod_Subnet_Internet

nat (Production,WAN) dynamic interface

do i need a similar statement if hosts in the Prod network need to access hosts in the DMZ ?

4 REPLIES
Purple

ASA nat query

Hi,

If DMZ hosts are not on the internet then you don't need to as by default nat-control is disabled.

Regards.

Alain

Don't forget to rate helpful posts.
New Member

ASA nat query

dmz hosts are on the internet, they all have public IPs

Purple

ASA nat query

Hi,

Then you need to do a NAT because private adresses are not routeable on the internet.

Regards.

Alain

Don't forget to rate helpful posts.
New Member

Re: ASA nat query

1 more thing

i am able to ping those dmz ips without a nat stmt

is icmp handled differently ?

347
Views
0
Helpful
4
Replies
CreatePlease to create content