We are using the normal pair of NAT-global commands to NAT traffic from inside to outside. But now we need to do NATing as per rules based on access-lists. In short, some traffic will be grouped in, say, NAT number 1, which will be linked with global number 1; some other traffic will be grouped in NAT number 2 and will be linked with global 2; and so on.
But finally, what we need is that traffic which does not match any of the access-lists should be placed in another NAT and global pair. This is something like a default route placed in a router (no match in the routing table: send it to the default gateway).
In a nutshell, the requirement is as follows:
NAT (1) -- GLOBAL (1) -- ACCESS-LIST 1
NAT (2) -- GLOBAL (2) -- ACCESS-LIST 2
NAT (3) -- GLOBAL (3) -- FOR THE REST OF THE TRAFFIC (GENERATED FROM INSIDE THAT DOES NOT MATCH ACCESS-LIST 1 AND ACCESS-LIST 2).