Re: Puzzling question on new NAT statements on ASA 8.3

Discussion in 'Cisco' started by Igor Mamuzić aka Pseto, Jul 23, 2010.

  1. On 22.7.2010. 21:51, Andrew Hodgson wrote:
    > Hi,
    >
    > I recently upgraded to ASA 8.3 and so that I could work out the new
    > syntax of the NAT statements, I removed all the migrated config and
    > started again.
    >
    > I have created NAT statements for all the relevant hosts, however, I
    > didn't create a NAT statement for comunication between the local
    > network and the host gollum in the DMZ network, yet I am able to
    > connect to the host fine from any machine on the internal network, and
    > gollum is able to connect to servers on the inside network, and the IP
    > addresses aren't being NATted.
    >
    > Could someone take a look at this and tell me why this seems to be the
    > case?
    >
    > Thanks.
    > Andrew.
    >
    >


    That's probably because ASA 8.3 has new NAT concepts called Object NAT
    and Twice NAT... I haven't played yet with 8.3 but if I understood
    correctly now you can bind network object with NAT in the network object
    configuration so you don't need "old" NAT statement to NAT this object.

    More on this subject:
    http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/nat_overview.html


    i
     
    Igor Mamuzić aka Pseto, Jul 23, 2010
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. John Caruso

    PIX ordering of static statements

    John Caruso, Dec 17, 2003, in forum: Cisco
    Replies:
    9
    Views:
    5,414
    John Caruso
    Dec 17, 2003
  2. spork
    Replies:
    4
    Views:
    807
    Vincent C Jones
    Apr 10, 2007
  3. AM

    Deleting NAT statements.

    AM, Mar 28, 2007, in forum: Cisco
    Replies:
    5
    Views:
    1,602
  4. Morph
    Replies:
    1
    Views:
    485
    moayad
    Jul 19, 2010
  5. Igor Mamuzić aka Pseto

    Re: Best way to do multiple NAT statements on ASA

    Igor Mamuzić aka Pseto, Jul 13, 2010, in forum: Cisco
    Replies:
    0
    Views:
    531
    Igor Mamuzić aka Pseto
    Jul 13, 2010
Loading...

Share This Page