How to configure policy nat on ASA 5520
To gain access from one internal segment to the Demilitarized Zone (DMZ ), configure the Adaptive Security Appliance (ASA) for natting.
To preserve the packet and assure that natting is bypassed, a no nat statement with an Access Control List (ACL) must be configured. This is performed when the administrator does not want natting to occur.
This is termed as NAT exemption (the nat 0 access-list command). NAT exemption allows both translated and remote hosts to initiate connections. Like identity NAT, translation for a host is not limited on specific interfaces; NAT exemption must be used for connections through all interfaces.
However, NAT exemption does allow for specification of the real and destination addresses when determining the real addresses to translate (similar to policy NAT), so there is greater control with NAT exemption. However, unlike policy NAT, NAT exemption does not consider the ports in the ACL.
you can also grab the RSS feed or Subscribe to Techgurulive by Email
Not Getting
Before delving into a discussion on virtual hosts, you need to become familiar with the Virtual Hosts section in the httpd.conf file. The following section (Section 3) contains a few...
More: continued here ...
