ASDM ASA: Public Servers vs Static NAT

fluk3dfluk3d Posts: 141Member
Hey guys,

I'm playing around on my lab ASA and I'm trying to figure out the main differences between configuring a server in a DMZ via the Public Servers section vs doing it through adding an address object and having a static nat entry

I read this document hoping to find the differences and couldn't find anything

Configure a Public Server with Cisco ASDM - Cisco Systems

This is the other method I was referring to

Port Forwarding on the Cisco ASA in 8.3 from the ASDM made easy «
"Imagination is more important than knowledge." - Albert Einstein


  • Mrock4Mrock4 Posts: 2,360Banned
    I'm not an ASA guru, but I'm not aware of a difference. Before I realized I could just make an entry in the public server section, I added static NAT entries. I was under the impression the public server way just made the entry for you.
  • jason_lundejason_lunde Posts: 567Member
    none really..the public servers section will just add the acl for you as well afaik.
  • drkatdrkat Posts: 703Banned
    dmz is configured with a different security level and by default is not allowed to talk to the inside (100 security level) hence the definition Demilitarized Zone. Inside can however talk to lower security levels.

    ASDM isnt really ideal for getting nitty gritty with the ASA, I'd suggest reading the 8.2/8.4 configuration guide
    Married to the game but she broke her vows. That's why my bars are full of broken bottles And my night stands are full of open bibles
Sign In or Register to comment.