Cisco Systems CL-28826-01 Security Camera User Manual


User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 23 Configuring Network Address Translation
NAT Policies on Security Devices
Standard rules table topics:
Using Rules Tables, page 12-7
Filtering Tables, page 1-45
Table Columns and Column Heading Features, page 1-46
Field Reference
Table 23-13 General Tab - Translation Rules Summary Table

Note: Hatching (a series of slanted lines) across an entry in the table indicates that rule is currently disabled. (See Enable Rule in Add/Edit Dynamic Translation Rule Dialog Box, page 23-21 for information about enabling and disabling these rules.)

| Element | Description |
| --- | --- |
| No. | Rules are evaluated sequentially in the order listed. This number indicates the rule’s position in the ordering of the list. |
| Type | The type of translation rule; for example, Static, Dynamic, Exemption, etc. |
| Action | Displays “exempt” if the rule is exempt from NAT. |
| Original Interface | The ID of the device interface to which the rule is applied. |
| Original Address | The object names or IP addresses of the source hosts and networks to which the rule applies. |
| Local Port | The port number supplied by the host or network (for static PAT). |
| Translated Pool | The ID number of the address pool used for translation. |
| Translated Interface | The interface on which the translated addresses are to be used. |
| Translated Address | The translated addresses. |
| Global Port | The port number to which the original port number will be translated (for static PAT). |
| Destination | The object names and IP addresses of the destination hosts or networks to which the rule applies. |
| Protocol | The protocol to which the rule applies. |
| Service | The services to which the rule applies. |
| Direction | The traffic direction (Inbound or Outbound) on which the rule is applied. |
| DNS Rewrite | Whether the DNS Rewrite option is enabled: Yes or No. This option is set in the Advanced NAT Options Dialog Box, page 23-28. |
| Maximum TCP Connections | The maximum number of TCP connections allowed to connect to the statically translated IP address. If zero, the number of connections is unlimited. This option is set in the Advanced NAT Options Dialog Box, page 23-28. |
| Embryonic Limit | The number of embryonic connections allowed to form before the security appliance begins to deny these connections. If zero, the number of connections is unlimited. A positive number enables the TCP Intercept feature. This option is set in the Advanced NAT Options Dialog Box, page 23-28. |