Configuring network object nat, Information about network object nat, C h a p t e r – Cisco ASA 5505 User Manual

Page 583: Chapter 30, “configuring network, Object nat, Chapter 30, “configuring network object nat, Chapter 30, “configuring network object

Advertising
background image

C H A P T E R

30-1

Cisco ASA 5500 Series Configuration Guide using the CLI

30

Configuring Network Object NAT

All NAT rules that are configured as a parameter of a network object are considered to be network object
NAT
rules. Network object NAT is a quick and easy way to configure NAT for a single IP address, a range
of addresses, or a subnet. After you configure the network object, you can then identify the mapped
address for that object.

This chapter describes how to configure network object NAT, and it includes the following sections:

Information About Network Object NAT, page 30-1

Licensing Requirements for Network Object NAT, page 30-2

Prerequisites for Network Object NAT, page 30-2

Guidelines and Limitations, page 30-2

Default Settings, page 30-3

Configuring Network Object NAT, page 30-3

Monitoring Network Object NAT, page 30-14

Configuration Examples for Network Object NAT, page 30-15

Feature History for Network Object NAT, page 30-22

Note

For detailed information about how NAT works, see

Chapter 29, “Information About NAT.”

Information About Network Object NAT

When a packet enters the ASA, both the source and destination IP addresses are checked against the
network object NAT rules. The source and destination address in the packet can be translated by separate
rules if separate matches are made. These rules are not tied to each other; different combinations of rules
can be used depending on the traffic.

Because the rules are never paired, you cannot specify that a source address should be translated to A
when going to destination X, but be translated to B when going to destination Y. Use twice NAT for that
kind of functionality (twice NAT lets you identify the source and destination address in a single rule).

For detailed information about the differences between twice NAT and network object NAT, see the

“How NAT is Implemented” section on page 29-16

.

Network object NAT rules are added to section 2 of the NAT rules table. For more information about
NAT ordering, see the

“NAT Rule Order” section on page 29-20

.

Advertising