Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PAT and Static nat combination in ASA firewall

Hi, I am using ASA 55200 firewall. My internal subnet is 10.4.0.0.

I want to confirm, if both PAT and Static nat is configured, Does Static nat work ?

What is the meaning of same IP in Static nat ?

Hope, PAT/Static NAT works only for traffic if initiated from inside n/w. Please clarify.

global (outside) 10 172.16.2.13 netmask 255.255.255.255

nat (inside) 10 0.0.0.0 0.0.0.0

static (inside,outside) 10.4.3.18 10.4.3.18 netmask 255.255.255.255

static (inside,outside) 10.4.3.194 10.4.3.194 netmask 255.255.255.255

2 REPLIES
New Member

Re: PAT and Static nat combination in ASA firewall

sir, pls help.

Hall of Fame Super Silver

Re: PAT and Static nat combination in ASA firewall

Rupesh

In the ASA5520 firewall it does work if you configure both PAT and static NAT. The addresses that you specify with static NAT will be translated that way and other addresses will be translated using PAT.

PAT is effective to allow devices inside to initiate traffic outbound and to allow responses to come back but is not effective to allow devices outside to initiate traffic inbound. To allow outside devices to initiate traffic inbound you do static NAT.

In the static NAT is the same address is used in both parameters then it means that the device uses the same address on the inside and on the outside. (effectively the address is translated to itself)

HTH

Rick

172
Views
0
Helpful
2
Replies