cisco asa behavior

Unanswered Question
Aug 2nd, 2007

Hi all, by default do cisco asa NAT all traffic?? If this is the case why do we need to define NAT rules on there?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
srue Thu, 08/02/2007 - 08:55

by default, no traffic is NAT'ed. To FORCE all traffic to match any sort of NAT statement, enable 'nat-control'.

Once you enable nat-control, all traffic passing from a higher security interface to a lower security interface will need to match a nat statement - static command, nat/global, nat zero.


This Discussion