5-29
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 5 Configuring Twice NAT (ASA 8.3 and Later)
Monitoring Twice NAT
a. Enable rule —Enables this NAT rule. The rule is enabled by default.
b. Disable Proxy ARP on egress interface—Disables proxy ARP for incoming packets to the mapped
IP addresses. See the “Mapped Addresses and Routing” section on page 3-22 for more information.
c. (Routed mode; interface(s) specified) Lookup route table to locate egress interface—Determines the
egress interface using a route lookup instead of using the interface specified in the NAT command.
See the “Determining the Egress Interface” section on page 3-24 for more information.
d. Direction—To make the rule unidirectional, choose Unidirectional. The default is Both. Making the
rule unidirectional prevents traffic from initiating connections to the real addresses. You might want
to use this setting for testing purposes.
e. Description—Adds a description about the rule up to 200 characters in length.
Note Although the “Translate DNS replies that match this rule” check box is available if you do not
configure a destination address, this option is not applicable to identity NAT because you are
translating the address to itself, so the DNS reply does not need modification. See the “DNS and
NAT” section on page 3-31 for more information.
Step 9 Click OK.
Configuring Per-Session PAT Rules
By default, all TCP PAT traffic and all UDP DNS traffic uses per-session PAT. To use multi-session PAT
for traffic, you can configure per-session PAT rules: a permit rule uses per-session PAT, and a deny rule
uses multi-session PAT. For more information about per-session vs. multi-session PAT, see the
“Per-Session PAT vs. Multi-Session PAT (Version 9.0(1) and Later)” section on page 3-11.
Detailed Steps
To configure a per-session PAT rule, see the “Configuring Per-Session PAT Rules” section on page 4-19.
Monitoring Twice NAT
The Monitoring > Properties > Connection Graphs > Xlates pane lets you view the active Network
Address Translations in a graphical format. You can choose up to four types of statistics to show in one
graph window. You can open multiple graph windows at the same time.