Cisco Systems OL-16647-01 Network Router User Manual

Open as PDF

of 1230

21-27

Cisco ASDM User Guide

OL-16647-01

Chapter 21 Configuring NAT

Using Static NAT

Policy NAT lets you identify real addresses for address translation by specifying the source and

destination addresses. You can also optionally specify the source and destination ports. Regular NAT can

only consider the source addresses, and not the destination. See the “Policy NAT” section on page 21-10

for more information.

Static PAT lets you translate the real IP address to a mapped IP address, as well as the real port to a

mapped port. You can choose to translate the real port to the same port, which lets you translate only

specific types of traffic, or you can take it further by translating to a different port. For applications that

require application inspection for secondary channels (for example, FTP and VoIP), the security

appliance automatically translates the secondary ports. For more information about static PAT, see the

“Static PAT” section on page 21-9.

You cannot use the same real or mapped address in multiple static rules between the same two interfaces

unless you use static PAT. Do not use a mapped address in the static rule that is also defined in a global

pool for the same mapped interface.

Static identity NAT translates the real IP address to the same IP address.

This section includes the following topics:

• Configuring Static NAT, PAT, or Identity NAT, page 21-27

• Configuring Static Policy NAT, PAT, or Identity NAT, page 21-30

Configuring Static NAT, PAT, or Identity NAT

Figure 21-21 shows typical static NAT, static PAT, and static identity NAT scenarios. The translation is

always active so both translated and remote hosts can originate connections.

Figure 21-21 Static NAT Scenarios

To configure static NAT, PAT, or identity NAT, perform the following steps:

10.1.1.1 209.165.201.1

Inside Outside

10.1.1.2 209.165.201.2

Security

Appliance

Static NAT

Static Identity NAT

Static PAT

10.1.1.1:23 209.165.201.1:23

Inside Outside

10.1.1.2:8080 209.165.201.2:80

Security

Appliance

209.165.201.1 209.165.201.1

Inside Outside

209.165.201.2 209.165.201.2

Security

Appliance

191660

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems OL-16647-01 Network Router User Manual