Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Static Rule versus Globan & NAT Rule

Hi there,

If I have a combination of both static address translations and a global & nat address translation for the same public ip address, which rule takes precedence. Static or global & nat.

This is a purely academic question.

Thanks in advance.

Regards

CP

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Static Rule versus Globan & NAT Rule

Hi,

Static takes precedence , then nat0 with access-list then nat/global, then nat0

Thanks

Nadeem

3 REPLIES
Cisco Employee

Re: Static Rule versus Globan & NAT Rule

Hi,

Static takes precedence , then nat0 with access-list then nat/global, then nat0

Thanks

Nadeem

Re: Static Rule versus Globan & NAT Rule

Actually, one minor correction here for documentation sake:

NAT ORDER OF OPERATIONS

The rules are tried in order.

1) nat 0 access-list (nat-exempt)

2) match against existing xlates

3) static

a) static nat with and without access-list (first match)

b) static pat with and without access-list (first match)

4) nat

a) nat access-list (first match) Note: nat 0 access-list is not part of this command.

b) nat

(best match)

Note: When choosing a global address from multiple pools with the same nat id, the following order is tried

i) if the id is 0, create an identity xlate.

ii) use the global pool for dynamic NAT

iii) use the global pool for dynamic PAT

5) Error

Cisco Employee

Re: Static Rule versus Globan & NAT Rule

Hi Scott,

Yes you are absolutely right, thanks for the correction.

Thanks

Nadeem

104
Views
0
Helpful
3
Replies