23-34
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 23 Configuring Network Address Translation
NAT Policies on Security Devices
– Filtering Tables, page 1-45
– Table Columns and Column Heading Features, page 1-46
Navigation Path
• (Device view) Select NAT > Translation Rules from the Device Policy selector.
• (Policy view) Select NAT (PIX/ASA/FWSM) > Translation Rules from the Policy Type selector.
Select an existing policy from the Shared Policy selector, or right-click Translation Rules to create
a new policy.
The Translation Rules page is displayed. Note that in Policy View, the Network Object NAT Rules
section is not displayed because those rules are device-specific.
Adding, Editing and Deleting Rules
To add a NAT rule:
1. Select the heading of the section to which the rule is to be added. If you do not select a heading, the
rule will be added to NAT Rules Before by default.
2. Open the Add NAT Rule dialog box: either click the Add Row button at the bottom of the table, or
right-click anywhere in the table (except on an existing rule entry) and choose Add Row from the
pop-up menu.
3. Define the rule and then click OK to close the dialog box, adding the rule to the table.
To edit a NAT rule:
1. Open the Edit NAT Rule dialog box for the desired rule: either select the rule in the NAT rules table
and then click the Edit Row button at the bottom of the table, or simply right-click the desired rule
entry and choose Edit Row from the pop-up menu.
2. Edit the rule and then click OK to close the dialog box.
See Add and Edit NAT Rule Dialog Boxes, page 23-35 for a complete description of the Add NAT Rule
dialog box.
To delete a NAT rule, select the rule in the table and click the Delete Row button at the bottom of the
table, or simply right-click the desired rule entry and choose Delete Row from the pop-up menu.
Note: To remove a Network Object NAT rule from this table, you must uncheck the Add Automatic Address
Translation NAT Rule option, or change the device to which the rule is assigned, in the related Edit
Network Host dialog box. See Add or Edit Network/Host Dialog Box: NAT Tab, page 23-41 for
additional information.
Enabling and Disabling Rules
You can disable one or more consecutive rules without removing them from the table, as follows:
1. Select the rule(s) to be disabled. If selecting a contiguous block of rules, click the first and then
Shift-click the last rule of the block.
2. Right-click a selected rule, and choose Disable from the pop-up menu.
Disabled rules are grayed out in the table.
To re-enable one or more consecutive disabled rules, repeat this process, choosing Enable from
the pop-up menu.