cannot delete NAT rule on a PIX 535 (software version 7.0)

gflorescu · ‎08-28-2007

I'm trying to delete a NAT rule but I keep getting the message:

"The operation you are trying to perform will result in some security rules being nullified. Please review your translation/security rules and try again".

I'm using a PIX535 with software version 7.0(4).

I did check the Security Rules and I didn't see anything that would conflict.

JORGE RODRIGUEZ · ‎08-28-2007

Hi, you 1st need to delete any firewall rules and/or removing the hosts from any object-groups pertaning to the hosts in the nat translations, then you can remove static nats.

HTH

Jorge

Jorge Rodriguez

gflorescu · ‎08-28-2007

I think I figured it out. I went under Building Blocks and I noticed that those ip addresses were under a Group. I removed them from the Group and then I was able to delete the NAT rule.

JORGE RODRIGUEZ · ‎08-28-2007

yeah, usually when you come accross these

"rules nullified" messages it is because the IPs are somehow tied in groups, admin groups, or access control lists .

Im glad you were able to reolve the issue..please rate all helpfull posts.

Jorge

Jorge Rodriguez

JORGE RODRIGUEZ · ‎08-28-2007

Hi, you 1st need to delete any firewall rules and/or removing the hosts from any object-groups pertaning to the hosts in the nat translations, then you can remove static nats.

HTH

Jorge

Jorge Rodriguez