NAT for multiple subnets on Cisco ASA

A router is being added to create somewhat of a DMZ to separate servers from workstations.  Simplified network topology attached.  The existing ASA now must NAT Internet traffic for 10.4.0.0 as well as the newly-created 12.2.0.0 subnet.  It should be noted there are other subnets in the 10.x.x.x range hanging off the ASA.

Here are the NAT commands currently in FWL1:
global (outside) 1 12.1.1.1 netmask 255.255.255.224
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 10.4.0.0 255.255.0.0

Simple but possibly dumb question...  Just add a NAT (inside) 1 10.2.0.0 255.255.0.0?
MAO-NAT-Example.png
LVL 1
David BlairAsked:
Who is Participating?
 
Pete LongTechnical ConsultantCommented:
From a nat perspective yes - don't forget you will still need to to let the traffic through though (assuming you have an access-list applied to the firewalls inside interface).

Pete
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.