nat (inside,any) source static obj-172.25.179.0 obj-172.25.179.0 destination static obj-192.168.92.0 obj-192.168.92.0 unidirectional
no nat (inside,any) source static obj-172.25.179.0 obj-172.25.179.0 destination static obj-192.168.92.0 obj-192.168.92.0 unidirectional
nat (inside,any) source static obj-172.25.179.0 obj-172.25.179.0 destination static obj-192.168.92.0 obj-192.168.92.0
clear xlate
hostname# show startup-config errors
And read through this migration guide:
(For Version 8.3(2)) NAT exemption (the nat 0 access-list command) is migrated to a twice NAT rule with the unidirectional keyword. The unidirectional keyword only alows traffic on the source network to initiate connections. Because NAT exemption is normally bidirectional, you might need to remove the unidirectional keyword to restore the original function. This migration change was made because of a caveat in the order of NAT rules: when a static identity twice NAT rule overlaps with a dynamic twice NAT rule, the static rule will be matched no matter where it is placed in the NAT table. The unidirectional keyword prevents the static identity rule from being used for returning traffic that should match the dynamic NAT rule.
Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.
Comments (1)
Author
Commented:Best regards,
Istvan