Filter
Top Products
CHAPTER
31-1
Cisco ASA 5500 Series Configuration Guide using the CLI
31
Configuring Twice NAT
Twice NAT lets you identify both the source and destination address in a single rule. This chapter shows
you how to configure twice NAT and includes the following sections:
• Information About Twice NAT, page 31-1
• Licensing Requirements for Twice NAT, page 31-2
• Prerequisites for Twice NAT, page 31-2
• Guidelines and Limitations, page 31-2
• Default Settings, page 31-3
• Configuring Twice NAT, page 31-3
• Monitoring Twice NAT, page 31-24
• Configuration Examples for Twice NAT, page 31-24
• Feature History for Twice NAT, page 31-28
Note For detailed information about how NAT works, see Chapter 29, “Information About NAT.”
Information About Twice NAT
Twice NAT lets you identify both the source and destination address in a single rule. Specifying both the
source and destination addresses lets you specify that a source address should be translated to A when
going to destination X, but be translated to B when going to destination Y, for example.
Note For static NAT, the rule is bidirectional, so be aware that “source” and “destination” are used in
commands and descriptions throughout this guide even though a given connection might originate at the
“destination” address. For example, if you configure static NAT with port address translation, and
specify the source address as a Telnet server, and you want all traffic going to that Telnet server to have
the port translated from 2323 to 23, then in the command, you must specify the source ports to be
translated (real: 23, mapped: 2323). You specify the source ports because you specified the Telnet server
address as the source address.
The destination address is optional. If you specify the destination address, you can either map it to itself
(identity NAT), or you can map it to a different address. The destination mapping is always a static
mapping.