Cisco Systems OL-16066-01 Network Router User Manual


 
Appendix K Router Platform User Interface Reference
NAT Policy Page
User Guide for Cisco Security Manager 3.2
Field Reference
Table K-7 NAT Dynamic Rule Dialog Box
Element: Traffic Flow
Description: Access List—The extended ACL that specifies the traffic requiring dynamic translation. Enter the name of an ACL object, or click Select to display an object selector (see Object Selectors, page F-593).

If the ACL you want is not listed, click the Create button in the selector to display the dialog box for defining an extended ACL object. For more information, see Add and Edit Extended Access List Pages, page F-34.

Note: Make sure that the ACL you select does not permit the translation of Security Manager management traffic over any device address on this router. Translating this traffic will cause a loss of communication between the router and Security Manager.

Element: Translated Address
Description: The method for performing dynamic address translation:

- Interface—The router interface used for address translation. PAT is used to distinguish each host on the network. Enter the name of an interface or interface role, or click Select to display an object selector (see Object Selectors, page F-593). If the interface role you want is not listed, click the Create button in the selector to display the Interface Role Dialog Box, page F-464. From here you can create an interface role object.
- Address Pool—Translates addresses using a set of addresses defined in an address pool. Enter one or more address ranges, including the prefix, using the format min1-max1/prefix (in CIDR notation). You can add as many address ranges to the address pool as required, but all ranges must share the same prefix. Separate multiple entries with commas.

Element: Enable Port Translation (Overload)
Description: When selected, the router uses port addressing (PAT) if the pool of available addresses runs out. When deselected, PAT is not used.

Note: PAT is selected by default when you use an interface on the router as the translated address.
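
The Address Pool format described in Table K-7, checked in code. This is an added example, not taken from the Cisco manual or from Security Manager: a Python validator for a comma-separated list of min-max/prefix ranges that enforces the shared-prefix rule. It assumes the prefix is an IPv4 prefix length and that both ends of a range fall in the same subnet of that length; the function names and sample addresses are constructed for illustration.

```python
import ipaddress


def parse_nat_pool(text):
    """Parse 'min1-max1/prefix, min2-max2/prefix' into (ranges, prefix_len)."""
    ranges, prefixes = [], set()
    for entry in text.split(","):
        entry = entry.strip()
        try:
            span, prefix = entry.split("/")
            low_s, high_s = span.split("-")
            low = ipaddress.IPv4Address(low_s.strip())
            high = ipaddress.IPv4Address(high_s.strip())
            plen = int(prefix)
        except ValueError as exc:
            raise ValueError(f"malformed entry {entry!r}: expected min-max/prefix") from exc
        if not 0 <= plen <= 32:
            raise ValueError(f"prefix length out of range in {entry!r}")
        if low > high:
            raise ValueError(f"range start is above range end in {entry!r}")
        # Assumption (not stated on the page): both ends of a range sit in
        # the same subnet of the given prefix length.
        if high not in ipaddress.ip_network(f"{low}/{plen}", strict=False):
            raise ValueError(f"range crosses the /{plen} boundary in {entry!r}")
        ranges.append((low, high))
        prefixes.add(plen)
    # Rule from the field description: all ranges share the same prefix.
    if len(prefixes) != 1:
        raise ValueError("all ranges in the pool must share the same prefix")
    return ranges, prefixes.pop()


def pool_error(text):
    """Return None if the pool string is valid, else the rejection reason."""
    try:
        parse_nat_pool(text)
        return None
    except ValueError as exc:
        return str(exc)


if __name__ == "__main__":
    # Constructed sample inputs (documentation address space).
    for sample in (
        "192.0.2.10-192.0.2.20/24, 192.0.2.40-192.0.2.50/24",
        "192.0.2.10-192.0.2.20/24, 198.51.100.1-198.51.100.9/25",
        "192.0.2.20-192.0.2.10/24",
    ):
        print(f"{sample!r}: {pool_error(sample) or 'ok'}")
```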