• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 384
  • Last Modified:

Allowing second interface to talk to inside interface on asa 8.3+

The following is how I have my interfaces set up:

interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address OUTSIDE IP
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address
interface GigabitEthernet0/2
 nameif ems
 security-level 0
 ip address

The inside interface is getting internet access and is working fine, but I need to do the same for the second interface (named ems)

What would be the nat command for the second interface on 0/2?
1 Solution
Henk van AchterbergSr. Technical ConsultantCommented:
object network obj-

nat (ems,outside) after-auto source dynamic obj- interface

Because you have both outside and ems as security level 0 please add this command to make it work:

same-security-traffic permit inter-interface
j_crow1Author Commented:
Worked like a charm : )
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now