ASDM ASA: Public Servers vs Static NAT

fluk3dfluk3d Member Posts: 141 ■■■□□□□□□□
in CCNP Security
Hey guys,

I'm playing around on my lab ASA and I'm trying to figure out the main differences between configuring a server in a DMZ via the Public Servers section vs doing it through adding an address object and having a static nat entry


I read this document hoping to find the differences and couldn't find anything

Configure a Public Server with Cisco ASDM - Cisco Systems

This is the other method I was referring to

Port Forwarding on the Cisco ASA in 8.3 from the ASDM made easy « GregLedet.net
"Imagination is more important than knowledge." - Albert Einstein
· Share on FacebookShare on Twitter

Comments

  • Mrock4Mrock4 Banned Posts: 2,359 ■■■■■■■■□□
    I'm not an ASA guru, but I'm not aware of a difference. Before I realized I could just make an entry in the public server section, I added static NAT entries. I was under the impression the public server way just made the entry for you.
    · Share on FacebookShare on Twitter
  • jason_lundejason_lunde Member Posts: 567
    none really..the public servers section will just add the acl for you as well afaik.
    · Share on FacebookShare on Twitter
  • drkatdrkat Banned Posts: 703
    dmz is configured with a different security level and by default is not allowed to talk to the inside (100 security level) hence the definition Demilitarized Zone. Inside can however talk to lower security levels.

    ASDM isnt really ideal for getting nitty gritty with the ASA, I'd suggest reading the 8.2/8.4 configuration guide
    · Share on FacebookShare on Twitter
Sign In or Register to comment.