Re: Best way to do multiple NAT statements on ASA

Discussion in 'Cisco' started by Morph, Jun 25, 2010.

  1. Morph

    Morph Guest

    In the message <>
    Andrew Hodgson wrote:

    | I have 3 DMZs and an inside network.
    |
    | Inside network is 192.168.1.0/24, DMZ1 is 192.168.2.0/24, DMZ2 is
    | 3.0/24, and DMZ 3 is 4.0/24.
    |
    | I want all networks to be able to talk to each other without NAT
    | (there will be ACLs however).
    |
    | Currently I have NAT statements like this:

    | However, what is the most efficient way to get all the DMZs talking to
    | each other without NAT? Do I have to use commands like:
    | Is there a more efficient or secure way?

    You can disable the nat control feature.
    The command is: no nat-control
    After this you don't need to have nat statements for traffic that goes
    from one interface to another.
     
    Morph, Jun 25, 2010
    #1
    1. Advertising

  2. Morph

    moayad

    Joined:
    Feb 24, 2010
    Messages:
    6
    Location:
    Syria
    to make DMZ1 connect to DMZ2 without NAT this is the command and u repeat the setrp for all dmz
    static (dmz1,dmz2) 192.168.2.0 192.168.2.0 netmask 255.255.255.0
    Notice : that mean DMZ1 conenct to DMZ2 by its IP address 192.168.2.0
     
    Last edited: Jul 19, 2010
    moayad, Jul 19, 2010
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. spork
    Replies:
    4
    Views:
    811
    Vincent C Jones
    Apr 10, 2007
  2. AM

    Deleting NAT statements.

    AM, Mar 28, 2007, in forum: Cisco
    Replies:
    5
    Views:
    1,625
  3. Gerry
    Replies:
    2
    Views:
    2,030
    Morph
    Mar 16, 2008
  4. Igor Mamuzić aka Pseto

    Re: Best way to do multiple NAT statements on ASA

    Igor Mamuzić aka Pseto, Jul 13, 2010, in forum: Cisco
    Replies:
    0
    Views:
    538
    Igor Mamuzić aka Pseto
    Jul 13, 2010
  5. Igor Mamuzić aka Pseto

    Re: Puzzling question on new NAT statements on ASA 8.3

    Igor Mamuzić aka Pseto, Jul 23, 2010, in forum: Cisco
    Replies:
    0
    Views:
    739
    Igor Mamuzić aka Pseto
    Jul 23, 2010
Loading...

Share This Page