Filter
Top Products
23-32
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 23 Configuring Network Address Translation
NAT Policies on Security Devices
Configuring NAT on ASA 8.3+ Devices
The following section describes configuring network address translation on version 8.3 or later ASA
devices:
• Translation Rules: ASA 8.3+, page 23-32
–
Add and Edit NAT Rule Dialog Boxes, page 23-35
–
Add or Edit Network/Host Dialog Box: NAT Tab, page 23-41
• Per-Session NAT Rules: ASA 9.0(1)+
See Configuring NAT on PIX, FWSM, and pre-8.3 ASA Devices, page 23-17 for information about
configuring NAT on other security appliances. Refer to About “Simplified” NAT on ASA 8.3+ Devices,
page 23-3 for general information about NAT rules, and the changes to NAT configuration implemented
on the ASA 8.3.
Translation Rules: ASA 8.3+
Use the Translation Rules page to manage network address translation (NAT) rules on the selected ASA
8.3+ device. See NAT Policies on Security Devices, page 23-15 for information about configuring
Translation Rules on other security devices.
Maximum UDP Connections The maximum number of UDP connections allowed to connect to the
statically translated IP address. If zero, the number of connections is
unlimited. This option is set in the Advanced NAT Options Dialog Box,
page 23-28.
Timeout For PIX 6.x devices, this is the timeout value for a static translation
rule. This value overrides the default translation timeout specified in
Platform > Security > Timeouts. A Timeout value of 00:00:00 here
means that translations matching this rule should use the default
translation timeout specified in Platform > Security > Timeouts.
Randomize Sequence
Number
Whether the security appliance will randomize the sequence number of
TCP packets: Yes or No. This option is set in the Advanced NAT
Options Dialog Box, page 23-28, and is enabled by default.
Category The category to which the rule is assigned. Categories use labels and
color-coding to help identify rules and objects. See Using Category
Objects, page 6-12 for more information.
Note No commands are generated for the Category attribute.
Description The description of the rule, if provided.
Last Ticket(s) Shows the ticket(s) associated with last modification to the rule. You
can click the ticket ID in the Last Ticket(s) column to view details of
the ticket and to navigate to the ticket. If linkage to an external ticket
management system has been configured, you can also navigate to that
system from the ticket details (see Ticket Management Page,
page 11-51).
Table 23-13 General Tab - Translation Rules Summary Table (Continued)
Element Description