CHAPTER
3-1
Cisco ASA Series Firewall ASDM Configuration Guide
3
Information About NAT (ASA 8.3 and Later)
This chapter provides an overview of how Network Address Translation (NAT) works on the ASA. This
chapter includes the following sections:
• Why Use NAT?, page 3-1
• NAT Terminology, page 3-2
• NAT Types, page 3-3
• NAT in Routed and Transparent Mode, page 3-12
• NAT and IPv6, page 3-15
• How NAT is Implemented, page 3-15
• NAT Rule Order, page 3-20
• Routing NAT Packets, page 3-22
• NAT for VPN, page 3-25
• DNS and NAT, page 3-31
• Where to Go Next, page 3-36
Note To start configuring NAT, see Chapter 4, “Configuring Network Object NAT (ASA 8.3 and Later),” or
Chapter 5, “Configuring Twice NAT (ASA 8.3 and Later).”
Why Use NAT?
Each computer and device within an IP network is assigned a unique IP address that identifies the host.
Because of a shortage of public IPv4 addresses, most of these IP addresses are private, not routable
anywhere outside of the private company network. RFC 1918 defines the private IP addresses you can
use internally that should not be advertised:
• 10.0.0.0 through 10.255.255.255
• 172.16.0.0 through 172.31.255.255
• 192.168.0.0 through 192.168.255.255