You are here
SEC0006 - ASA 8.3 8.4 Object NAT
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video looks at how to configure Object NAT on a Cisco ASA 8.3. We go through NAT configuration syntax for different type of NAT scenarios and examine some characteristics specific to Object NAT.
Object NAT is one of the two ways of configuring NAT on an ASA starting from version 8.3. The configuration is built around a command 'object network', with 'nat' statement being inside an object.
Topic includes
- ASA Static NAT
- ASA Static PAT
- ASA Dynamic NAT
- ASA Dynamic PAT/PAT Pool
- ASA Destination NAT
- ASA Identity NAT
Notes:
- Object NAT is placed in Section 2 of the NAT table
- Object NAT allows separate matching for source and destination translation
- Object NAT commands are reordered automatically by type and size of defined subnets
- Object NAT does not support policy/conditional NAT where both source and destination are matched concurrently
VIRL Config File. Courtesy of Katherine McNamara @network-node.com
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.