Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

NAT Processing Order

Hi All,

If I have multiple NAT statements on a router how are they processed? Is there some sort of sequential order or does it use the more specific statement?

E.G if I have a NAT command which has an ACL denying certain traffic, but another NAT command with an ACL allowing that traffic, what is processed?

Thanks

2 REPLIES
Hall of Fame Super Blue

NAT Processing Order

Generally speaking static NAT takes precedence over dynamic NAT. For the ASA firewall the docs do actually state the exact order but for IOS i can't find a similiar doc.

In terms of your specific question it shouldn't matter which is processed first because they are both processed so the right NAT would happen ie.

if the deny was matched first then that NAT statement is simply not applied but then the NAT statement with the permit would be matched so it would still work.

It is not like an acl where once it is matched all processing stops, processing only stops for that specific NAT statement.

Are you having an issue with NAT ?

Jon

Bronze

NAT Processing Order

Hi Jon,

Thanks for the info. Not having any issues. I was setting up some NATs and I just started to wonder about how it was actually processed. Didn't really give it too much thought previously.

What you have said makes sense so thanks!

84
Views
0
Helpful
2
Replies
CreatePlease login to create content