Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Dynamic PAT only?

Hi Everyone,

For below config   need to know it will do the dynamic PAT  only   or  it will do the Dynamic NAT  +  PAT?

object network inside_net

subnet 192.168.3.0 255.255.255.0

object network outhosts

subnet 172.16.5.0 255.255.255.0

nat (inside,outside) source dynamic inside_net interface destination static outhosts outhosts

Regards

Mahesh

2 ACCEPTED SOLUTIONS

Accepted Solutions
Super Bronze

Dynamic PAT only?

Hi Mahesh,

Yes, the mentioned configuration will do Dynamic PAT for the hosts under "inside_net". The IP address used for the PAT is the "outside" interface IP address.

This PAT is only done when the destination network is "outhosts"

- Jouni

Super Bronze

Dynamic PAT only?

Hi,

Since the "outhosts" is set as both real and mapped destination address that essentially means that no NAT will be done for the destination network.

But at the same sime it means that this Dynamic PAT configuration will only apply when the destination network is

"outhosts"

if the destination real and mapped contained different network then it would mean that NAT would also be done for the destination network.

If you had this configuration

nat (inside,outside) source dynamic inside_net interface

Then it would mean that this Dynamic PAT would apply to every destination IP address/network.

- Jouni

4 REPLIES
Super Bronze

Dynamic PAT only?

Hi Mahesh,

Yes, the mentioned configuration will do Dynamic PAT for the hosts under "inside_net". The IP address used for the PAT is the "outside" interface IP address.

This PAT is only done when the destination network is "outhosts"

- Jouni

New Member

Dynamic PAT only?

Hi  Jouni,

One last thing on this here we have destination mapped and destination real  both as outhosts.

So when does Destination mapped and real changes does it change  when we want to translate the Destination IP also?

Regards

MAhesh

Super Bronze

Dynamic PAT only?

Hi,

Since the "outhosts" is set as both real and mapped destination address that essentially means that no NAT will be done for the destination network.

But at the same sime it means that this Dynamic PAT configuration will only apply when the destination network is

"outhosts"

if the destination real and mapped contained different network then it would mean that NAT would also be done for the destination network.

If you had this configuration

nat (inside,outside) source dynamic inside_net interface

Then it would mean that this Dynamic PAT would apply to every destination IP address/network.

- Jouni

New Member

Dynamic PAT only?

Hi Jouni,

Seems it is enough to learn about NAT  today.

Best Regards

Mahesh

100
Views
0
Helpful
4
Replies
CreatePlease to create content