Per Cisco, there are 2 required policies for outbound traffic without NAT If NAT control is disabled (using no nat-control), inside hosts can communicate with outside networks without the configuration of a NAT rule as long as they have valid public addresses. When NAT control is enabled, configuration of NAT rules is required in order to allow outbound traffic, as is the case with earlier versions of PIX software (older than 7.0). You should decide using the nat-control command in configuration mode to specify if NAT is required for outside communications. It all changed in PIX 7.0 when Cisco added the nat-control command which let you configure your PIX\ASA to allow traffic to flow across without the usage of NAT. Historically, PIX required NAT translation for traffic flowing from one interface to another. What is it doing and should I use it in my ASA? Reading this post will answer some of the questions. One of the things that came up when I checked the PIX config is nat-control. ![]() ![]() As I wrote in my last post, I’m working on a PIX to ASA migration.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |