<div>
That's only because you are pre version 8.3, if you upgrade your firewall to a version above 8.3 (RAM and support contract permitting) then you do not need to NAT between interfaces.<br />
<a href="http://www.petenetlive.com/KB/Article/0000316.htm" rel="ugc">ASA 5500 Adding a DMZ Step By Step</a><br />
<br />
Pete
</div>


That's only because you are pre version 8.3, if you upgrade your firewall to a version above 8.3 (RAM and support contract permitting) then you do not need to NAT between interfaces.
ASA 5500 Adding a DMZ Step By Step [http://www.petenetlive.com/KB/Article/0000316.htm]

Pete

<div>
Thanks. &nbsp;That is what I needed.
</div>


<div>
<div class="content wysiwyg-content">
I'm have a Cisco ASA5510 running version 8.2.5. &nbsp;I put a TAC case in a couple months ago regarding servers on the DMZ being able to access servers on the inside interface. Turns out the problem was NAT. The DMZ network was not able to initiate a connection to the inside network until we configured static NAT to itself or NAT exemption as follows:<br />
<br />
static (inside,dmz) 10.4.0.238 10.4.0.238 netmask 255.255.255.255<br />
<br />
DMZ network is 192.168.15.0/24<br />
Internal network is 10.4.0.0/20<br />
<br />
So if I wanted to access 10.4.0.238 from the DMZ network I had to enter the above command. &nbsp;How do I do this for the whole subnet? &nbsp;Not just a single IP address like above?
</div>
</div>


I'm have a Cisco ASA5510 running version 8.2.5.  I put a TAC case in a couple months ago regarding servers on the DMZ being able to access servers on the inside interface. Turns out the problem was NAT. The DMZ network was not able to initiate a connection to the inside network until we configured static NAT to itself or NAT exemption as follows:

static (inside,dmz) 10.4.0.238 10.4.0.238 netmask 255.255.255.255

DMZ network is 192.168.15.0/24
Internal network is 10.4.0.0/20

So if I wanted to access 10.4.0.238 from the DMZ network I had to enter the above command.  How do I do this for the whole subnet?  Not just a single IP address like above?

Cisco ASA5520 - Servers on the DMZ need access to servers on the internal network

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Routers

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.