«

In the message <. com>
Andrew Hodgson wrote:

| I have 3 DMZs and an inside network.
|
| Inside network is 192.168.1.0/24, DMZ1 is 192.168.2.0/24, DMZ2 is
| 3.0/24, and DMZ 3 is 4.0/24.
|
| I want all networks to be able to talk to each other without NAT
| (there will be ACLs however).
|
| Currently I have NAT statements like this:

| However, what is the most efficient way to get all the DMZs talking to
| each other without NAT? Do I have to use commands like:
| Is there a more efficient or secure way?

You can disable the nat control feature.
The command is: no nat-control
After this you don't need to have nat statements for traffic that goes
from one interface to another.

[moayad]

to make DMZ1 connect to DMZ2 without NAT this is the command and u repeat the setrp for all dmz
static (dmz1,dmz2) 192.168.2.0 192.168.2.0 netmask 255.255.255.0
Notice : that mean DMZ1 conenct to DMZ2 by its IP address 192.168.2.0