For some reason which no one seems to know we have Static Network NAT statements on our ASA which NAT a network to the same network.Anyone know any reason why this might be in place as I can't understand what it achieves?
Re: Strange Config NATing to the same address range
Use a static NAT rule to translate one network to itself its very useful in scenarios where you don't really need NAT but you need to allow communication to a higher security interface.
The ASA used to not allow traffic to a higher sec. interface without a static NAT rule... and if communication between both interfaces stay local... there's no need to NAT so a good option is an identity static NAT (which translates the network or host to itself).
If you do require to NAT, check if you can add those rules (or even remove the identity NAT if not needed).
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...