Solved

ASA-NAT Order

Posted on 2011-09-23
4
474 Views
Last Modified: 2012-05-12
Hi,

My querie is rleated to Natting order and which one takes first if one PC haivnf multiple NAT rules.

Say my PC 172.16.10.22  is PATTED with Public iP address and at same time
Statically natted with DMZ1 ( security level 90) Ip address 172.17.1.22 and
statically patted with DMZ2 interface (security level is 80) with 172.17.2.22
and also did NAT exemption i.e NAT0 and did static Identity NAT also

So if see the NAT xlate ,which one will take first ?
Pls provide a NAT-order in a undrstable manner to me

Thanks
Ramu
 
0
Comment
Question by:RAMU CH
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 35

Assisted Solution

by:Ernie Beek
Ernie Beek earned 83 total points
ID: 36586111
There is not really an order because these nat's are between different interfaces (networks). So There is no precedence, all these exist next to each other.
None 'takes first', the will be applied depending on which way the traffic flows.
0
 
LVL 33

Assisted Solution

by:MikeKane
MikeKane earned 83 total points
ID: 36587209
Ernie is correct, butI think the only exception to that rule is the NAT 0 where source and destination are specified.   NAT 0 is used for specific circumstances where you want certain traffic to bypass NAT all together.   NAT 0 is required for VPN connectivity because the NAT commands are evaluated before the crypto map match commands.  

0
 
LVL 12

Accepted Solution

by:
jjmartineziii earned 84 total points
ID: 36590010
0
 
LVL 1

Author Closing Comment

by:RAMU CH
ID: 36946809
Thnaks
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question