Home > Cisco > Computer Equipment > Cisco Asdm 7 User Guide

Cisco Asdm 7 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Asdm 7 User Guide. The Cisco manuals for Computer Equipment are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 131

    Page 131 4-45 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 4 Configuring Network Object NAT (ASA 8.3 and Later) Feature History for Network Object NAT e.Click OK to return to the Edit Network Object dialog box. Step 5Click OK, and then click Apply. Feature History for Network Object NAT Ta b l e 4 - 1 lists each feature change and the platform release in which it was implemented. ASDM is backwards-compatible with multiple platform releases, so the specific ASDM release in which support... 
     
4-45
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 4      Configuring Network Object NAT (ASA 8.3 and Later)
  Feature History for Network Object NAT
e.Click OK to return to the Edit Network Object dialog box.
Step 5Click OK, and then click Apply.
Feature History for Network Object NAT
Ta b l e 4 - 1 lists each feature change and the platform release in which it was implemented. ASDM is 
backwards-compatible with multiple platform releases, so the specific ASDM release in which support...

    Page 132

    Page 132 4-46 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 4 Configuring Network Object NAT (ASA 8.3 and Later) Feature History for Network Object NAT PAT pool and round robin address assignment 8.4(2)/8.5(1) You can now specify a pool of PAT addresses instead of a single address. You can also optionally enable round-robin assignment of PAT addresses instead of first using all ports on a PAT address before using the next address in the pool. These features help prevent a large number... 
     
4-46
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 4      Configuring Network Object NAT (ASA 8.3 and Later)
  Feature History for Network Object NAT
PAT pool and round robin address assignment 8.4(2)/8.5(1) You can now specify a pool of PAT addresses instead of a 
single address. You can also optionally enable round-robin 
assignment of PAT addresses instead of first using all ports 
on a PAT address before using the next address in the pool. 
These features help prevent a large number...

    Page 133

    Page 133 4-47 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 4 Configuring Network Object NAT (ASA 8.3 and Later) Feature History for Network Object NAT PAT pool and round robin address assignment 8.4(2)/8.5(1) You can now specify a pool of PAT addresses instead of a single address. You can also optionally enable round-robin assignment of PAT addresses instead of first using all ports on a PAT address before using the next address in the pool. These features help prevent a large number... 
     
4-47
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 4      Configuring Network Object NAT (ASA 8.3 and Later)
  Feature History for Network Object NAT
PAT pool and round robin address assignment 8.4(2)/8.5(1) You can now specify a pool of PAT addresses instead of a 
single address. You can also optionally enable round-robin 
assignment of PAT addresses instead of first using all ports 
on a PAT address before using the next address in the pool. 
These features help prevent a large number...

    Page 134

    Page 134 4-48 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 4 Configuring Network Object NAT (ASA 8.3 and Later) Feature History for Network Object NAT Automatic NAT rules to translate a VPN peer’s local IP address back to the peer’s real IP address8.4(3) In rare situations, you might want to use a VPN peer’s real IP address on the inside network instead of an assigned local IP address. Normally with VPN, the peer is given an assigned local IP address to access the inside network.... 
     
4-48
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 4      Configuring Network Object NAT (ASA 8.3 and Later)
  Feature History for Network Object NAT
Automatic NAT rules to translate a VPN peer’s 
local IP address back to the peer’s real IP 
address8.4(3) In rare situations, you might want to use a VPN peer’s real 
IP address on the inside network instead of an assigned local 
IP address. Normally with VPN, the peer is given an 
assigned local IP address to access the inside network....

    Page 135

    Page 135 4-49 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 4 Configuring Network Object NAT (ASA 8.3 and Later) Feature History for Network Object NAT NAT support for reverse DNS lookups 9.0(1) NAT now supports translation of the DNS PTR record for reverse DNS lookups when using IPv4 NAT, IPv6 NAT, and NAT64 with DNS inspection enabled for the NAT rule. Per-session PAT 9.0(1) The per-session PAT feature improves the scalability of PAT and, for clustering, allows each member unit to... 
     
4-49
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 4      Configuring Network Object NAT (ASA 8.3 and Later)
  Feature History for Network Object NAT
NAT support for reverse DNS lookups 9.0(1) NAT now supports translation of the DNS PTR record for 
reverse DNS lookups when using IPv4 NAT, IPv6 NAT, and 
NAT64 with DNS inspection enabled for the NAT rule.
Per-session  PAT 9.0(1) The per-session PAT feature improves the scalability of PAT 
and, for clustering, allows each member unit to...

    Page 136

    Page 136 4-50 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 4 Configuring Network Object NAT (ASA 8.3 and Later) Feature History for Network Object NAT 
     
4-50
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 4      Configuring Network Object NAT (ASA 8.3 and Later)
  Feature History for Network Object NAT

    Page 137

    Page 137 CH A P T E R 5-1 Cisco ASA Series Firewall ASDM Configuration Guide 5 Configuring Twice NAT (ASA 8.3 and Later) Twice NAT lets you identify both the source and destination address in a single rule. This chapter shows you how to configure twice NAT and includes the following sections: Information About Twice NAT, page 5-1 Licensing Requirements for Twice NAT, page 5-2 Prerequisites for Twice NAT, page 5-2 Guidelines and Limitations, page 5-2 Default Settings, page 5-4 Configuring Twice NAT, page 5-4... 
    CH A P T E R
 
5-1
Cisco ASA Series Firewall ASDM Configuration Guide
 
5
Configuring Twice NAT (ASA 8.3 and Later)
Twice NAT lets you identify both the source and destination address in a single rule. This chapter shows 
you how to configure twice NAT and includes the following sections:
Information About Twice NAT, page 5-1
Licensing Requirements for Twice NAT, page 5-2
Prerequisites for Twice NAT, page 5-2
Guidelines and Limitations, page 5-2
Default Settings, page 5-4
Configuring Twice NAT, page 5-4...

    Page 138

    Page 138 5-2 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 5 Configuring Twice NAT (ASA 8.3 and Later) Licensing Requirements for Twice NAT Twice NAT also lets you use service objects for static NAT-with-port-translation; network object NAT only accepts inline definition. For detailed information about the differences between twice NAT and network object NAT, see the “How NAT is Implemented” section on page 3-15. Twice NAT rules are added to section 1 of the NAT rules table, or if... 
     
5-2
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 5      Configuring Twice NAT (ASA 8.3 and Later)
  Licensing Requirements for Twice NAT
Twice NAT also lets you use service objects for static NAT-with-port-translation; network object NAT 
only accepts inline definition.
For detailed information about the differences between twice NAT and network object NAT, see the 
“How NAT is Implemented” section on page 3-15.
Twice NAT rules are added to section 1 of the NAT rules table, or if...

    Page 139

    Page 139 5-3 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 5 Configuring Twice NAT (ASA 8.3 and Later) Guidelines and Limitations IPv6 Guidelines Supports IPv6. For routed mode, you can also translate between IPv4 and IPv6. For transparent mode, translating between IPv4 and IPv6 networks is not supported. Translating between two IPv6 networks, or between two IPv4 networks is supported. For transparent mode, a PAT pool is not supported for IPv6. For static NAT, you can specify an IPv6... 
     
5-3
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 5      Configuring Twice NAT (ASA 8.3 and Later)
  Guidelines and Limitations
IPv6 Guidelines
Supports IPv6.
For routed mode, you can also translate between IPv4 and IPv6.
For transparent mode, translating between IPv4 and IPv6 networks is not supported. Translating 
between two IPv6 networks, or between two IPv4 networks is supported.
For transparent mode, a PAT pool is not supported for IPv6.
For static NAT, you can specify an IPv6...

    Page 140

    Page 140 5-4 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 5 Configuring Twice NAT (ASA 8.3 and Later) Default Settings Default Settings By default, the rule is added to the end of section 1 of the NAT table. (Routed mode) The default real and mapped interface is Any, which applies the rule to all interfaces. (8.3(1), 8.3(2), and 8.4(1)) The default behavior for identity NAT has proxy ARP disabled. You cannot configure this setting. (8.4(2) and later) The default behavior for identity NAT... 
     
5-4
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 5      Configuring Twice NAT (ASA 8.3 and Later)
  Default Settings
Default Settings
By default, the rule is added to the end of section 1 of the NAT table.
(Routed mode) The default real and mapped interface is Any, which applies the rule to all interfaces.
(8.3(1), 8.3(2), and 8.4(1)) The default behavior for identity NAT has proxy ARP disabled. You 
cannot configure this setting. (8.4(2) and later) The default behavior for identity NAT...
    Start reading Cisco Asdm 7 User Guide
    All Cisco manuals