Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
460
Views
0
Helpful
3
Replies

NAT Curiosity

Go to solution
dcianci
Level 1
Level 1

‎07-28-2003 10:43 PM - edited ‎03-02-2019 09:11 AM

I'm new to setting up NAT and I am curious as to why you need to put an ACL in to get it to work. Is it in the programming of NAT to deny as default? I've looked around and the pages seem to say, "just do it like this and it will work". So I did, and it does, but why?

Sorry if this is too basic...

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
thisisshanky
Level 11
Level 11

‎07-28-2003 11:00 PM

Nat has two types of translations, dynamic and static. static is more like an one to one mapping. While in case of dynamic NAT, there needs to be some way to define which traffic needs to be nated, and which is not. The way Cisco has designed, NAT to select a particular traffic to be NATed, is to match the traffic using an access-list.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

View solution in original post

0 Helpful
3 Replies 3

Go to solution
thisisshanky
Level 11
Level 11

‎07-28-2003 11:00 PM

Nat has two types of translations, dynamic and static. static is more like an one to one mapping. While in case of dynamic NAT, there needs to be some way to define which traffic needs to be nated, and which is not. The way Cisco has designed, NAT to select a particular traffic to be NATed, is to match the traffic using an access-list.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus
0 Helpful

Go to solution
dcianci
Level 1
Level 1
In response to thisisshanky

‎07-28-2003 11:05 PM

That's what I needed. Thanks!

0 Helpful

Go to solution
jolmo
Level 4
Level 4

‎07-28-2003 11:06 PM

I'm not sure what you mean but I'll try to give an answer.

If you're going to set up static NAT, you don't need any ACL. Obviously, you'll only get NAT translations for each static NAT statement you configure.

ACL are useful when configuring dynamic NAT. With the ACLs you say to the router the IP adresses you want to be dynamically translated and the ones you don't. Basically, this is the purpose of using ACL with NAT

HTH

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents